The post below recommends techniques to improve your online security, but that's not much use if your computer/smartphone/tablet is insecure. All your private content could be viewed remotely.
If you install a Windows operating system onto a computer and connect it to the internet without the firewall enabled and updating the computer, it only takes seconds for malware to discover and infiltrate your computer. Your computer can then become part of a botnet and commanded to send spam, attack other computers, etc without your knowledge (until you wonder why you've exceeded your data allowance). Apple and Linux/Android based operating systems are also insecure if they are not kept up to date.
Any computing device you use to access the internet, should have the following:
* Firewall enabled
* Automatic Updates enabled (viruses often disable this)
* Virus scanner up to date (viruses often disable these)
* Browser updated to the latest release (don't forget add-ons also need updating)
* Java disabled in your browser (It is most unlikely that you need it)*
* Other applications that access the internet updated to the latest version and/or patched, in particular:
- Adobe Acrobat Reader
- Adobe Flash
Java, Reader and Flash are most-exploited Windows programs:
These are NOT included in Microsoft Windows updates - you may need to update them manually
Particularly nasty 'ransomware' attacks are increasing rapidly. This form of malware encrypts your data and brings up a message asking you to transfer money to pay for your data to be restored. What do you think your chances are? Back up your important data onto a flash drive or portable hard drive.
A few years ago, Trend Micro announced that the number of malicious apps available for download for Android phones had reached the 1 million mark. iOS is better, but you are still not immune, with many apps gaining greater access to your phone content than they need.
Is anyone still using Windows XP? Microsoft no longer provide security updates. You can be certain that any vulnerabilities that are patched by Microsoft in later operating system versions will be checked to see if they are present in older versions so staying on unsupported operating systems makes you a sitting duck for net nasties.
This post only touches on the basics of computing device security. If you aren't sure how to check what you use to access this site is up to date per the above, ask a trusted, knowledgeable friend for assistance (and do something for them in return!) or use your Operating System and Application Help or your favourite search engine to find out what to do.
If you have a Google account, Google is at least being transparent about the data it collects on your on-line activities and allows you to examine and delete it if you wish. Just log in with your Google account here: myactivity.google.com/myact...
As has been said, Macs are more secure but still vulnerable if you don't follow good practice. Always apply security updates as soon as possible. Run good quality security software and ensure this is updated frequently. Norton releases updates continuously every day as the hackers are coming up with new attacks every day.
You will be surprised how many processes access your machine when online without your knowledge unless you have software checking and stopping. Spotify results in numerous sites trying to gain access; none seem to affect the running of Spotify.
Ensure you have a good backup regime for your most critical information. Think what would happen if your disk went bad and all your photos were lost. Unfortunately you only find out how good your backup procedures are when it is too late if not adequate!!
I haven't used a computer for over a year... iPad only...the most secure personal device on the internet... infallible or immune... no ... but all my data, music, photographs, apps, pdf and data is backed up on iCloud... no need to back-up ...it just works, in the background.
The iStore App vetting (whitelisting) and closed operating system OS ...has proven so far to be the best security strategy on any platform...
You need to update, if you want maximum protection...
Disclosure...I'm a long time Apple programmer, going back to the Lisa, so I have a bias, but so far... Apple's security strategy has been pretty good...
From 1983 until 2012 I have only experienced one incidence of a computer malware on a Mac that affected the operating system and resulted in data loss...it was corrected within a few days...
Historically, Microsoft totally ignored well established security practices in attempting to make their operating system user friendly. Microsoft also thought the internet was a fad until Bill Gates realised how serious an error this was and led a huge turn around/catch up for the company. These errors made their underlying architecture very difficult to make secure retrospectively as they had the challenge of trying to retain user friendly features (backwards compatibility) that also made Windows open to attack. It also didn't help being the largest software company - about 10 to 20X the size of Apple.
Microsoft have made huge advances in security, but now it is poor security coding by other companies (primarily Oracle and Adobe), that are a major infection source - and not only for Microsoft as Acrobat Reader, Flash and Java are used elsewhere.
On several occasions, Apple have pretty well totally abandoned their users on earlier Apple operating systems and the clean start helped them build in improved security features. Their latest operating system has its roots in Unix, which has 40 years of experience with maintaining security in a networked environment.
Thanks for this, Neil. It's helpful to know more of the background to these things. My PC and laptop are both Microsoft, and I've never had a security disaster with either of them. Can't be complacent though... and your mentioning XP not getting security updates after next April, was rather alarming...
I'm thinking of getting a tablet of some sort - the increased mobility is very attractive. So the question of Android v iPad comes up of course. Everyone who owns an iPad seems VERY enthusiastic about them!
How very depressing. It seems there are a lot of very unpleasant (and clever) people "out there". Maybe I should work out how to check my Java settings. But my main computer uses Windows XP, and it won't be so easy to change that. Yet I don't like the idea of being a "sitting duck for net nasties" after next April, in spite of the wonderful ducklings in the photo.
I like Sparkler's wish that Neil could make everything secure for us, remotely... Well, he did suggest we ask a "trusted, knowledgeable friend for help". We don't live near enough to mow his lawn for him in return, but if we all gave him an "appropriate donation" instead, he could make a tidy sum....
Ah, just before posting this, I saw that Chris's thing had appeared above. It seems it's so much easier for Mac users. Bit late for me to change systems now though...
I think tablets and smart phones are the future for the average user... case in point...since treatment I no longer have the physical capability to type on a keyboard, but I can finger touch on the iPad screen, and actually quite quickly, so for me it is using the appropriate technology... this was typed sitting on a bench overlooking a pond, full of ...ducks... not sitting behind a desk... mobility... the new paradigm.
But it is so much more...my alarm clock, scrabble word checker, my darkroom, photo library, banking access, take your pill reminder, music library and music store, entertainment centre, communication device, reference library, programming platform, graphics tablet, game console, menu planner, the list is endless...
Nice to think of you sitting on a bench by a pond, Chris, watching the ducks, writing that. Much nicer than in a room at a desk. But I was very sorry to hear you can't type on a keyboard since treatment... Yes, we can be very grateful for touch screens...
Yes vincristine can be very nasty... thankfully it is not used much in CLL, but it is still frontline for diffuse large B cell lymphoma... DLBCL, which is what CLL becomes in a Richter's transformation.
So it's the vincristine bit (in CHOP) that's done most damage in your case, causing peripheral neuropathy? affecting your hands? and feet? I suppose there was no other option at the time?
Doxorubicin is cardio toxic as well, I took a double hit. My vincristine problem was not peripheral neuropathy as such...it came and went fairly quickly... this was more systemic apparently.
I'm not fully understanding this. So the doxorubicin damaged your heart? The peripheral neuropathy came and went? So what actually did the vincristine do, that stops you typing?
Doxorubicin is made from a bacteria from a 13th century castle in Italy... very red..it is administered as a 'push' to the vein.. looks just like cranberry juice
Doxorubicin, aka 'the red devil' has an interesting history. It also has a lifetime limit on dosing, but just my luck, my limit was lower so heart damage...
I'm really sorry about the heart problems and foot drop (as if you didn't have enough to cope with). But a "fried brain"? I don't think so - not you...
Interesting about the Vincristine flowers - yes, very pretty. They grew wild in our garden when we lived abroad, in a hotter clime. Never knew of their medicinal properties. And I wonder how Doxorubicin was first discovered? I presume it doesn't still come from that castle in Italy. It shows that you never know where new drugs will be found.
There are three approaches as far as I can see....
1: lock it down tight, as Apple have done, this gives a reasonably secure environment and because there are few games not so many machines so little interest from those that are looking for an easy target
2: open it wide and have an army of developers, as per the Linux model. Again little interest from those looking for an easy target because there are many mega techies that can out-program the bad guys.
3: The windows model rushing for market share and building a colander.
Mix of iPad and Linux here, and keeping up-to-date on updates here.
The other advice I'd give: don't go downloading loads of 'free stuff' unless you know how its financing works. No such thing as a free lunch, whatever anyone says.
I have used and developed open source software and applications for years, there are free lunches if you know where to look... many are more advanced than commercial packages... GIMP is a great example, rivals Photoshop for free
I agree, in the open software world there is no charge often and the software is often better, however you have to spend time learning or adjusting and be prepared to do a little bit more research or reading initially. Mostly it's worth it in the medium term, so I still think there's no free lunch. Interested to see your sw list, mine looks like this:
Open
Often use: Debian, LibreOffice, Komposer, Chrome, Firefox, Thunderbird
Less frequent: grip, handbrake, gimp, Iceweasel, Virtualbox(for WinXP/iTunes only).
Ipad: IOS, Medesana, Chrome, twitter, facebook,ebay, BBCnews, flipboard, Waze, qrafter plus bank specific apps.
I assume many of us have had scam calls purportedly from Microsoft, telling us that our computer is causing problems to others on the internet? I received these calls several times a month at their worst and still get a call every month or so. Even my mother in law received a call and she doesn't have a computer!
The standard approach is to direct you to the Windows system log, show you some inconsequential errors that look worrying (every Microsoft system has them), convince you to give them remote access to your computer!!, and then allow them to install some software to 'protect' you - all for bargain price of several hundred dollars a year! And all from a cold call!!
I've had fun wasting their time playing along as an average user, but they hang up quick if I slip up and show that I might know more than them.
Last call:
"Sir, we've had a report that your computer is ......"
I replied, "OK, what's my IP address?"
<click>
You must have an IP (Internet Protocol) address to connect to the internet. If your PC gets taken over by malware that makes it part of a botnet, then your PC will generate a lot of internet traffic, typically spam email and denial of service attacks. You are then likely to be contacted by your Internet Service Provider (ISP) via email, who would know your IP address, NOT by Microsoft.
There are good, free virus scanners available for Windows PCs. Microsoft provides Security Essentials free for XP, Vista and Windows 7. It doesn't get updated as frequently as the alternatives, particularly the paid variety, but works adequately unless you engage in risky internet activity:
Yes, I'd heard about these until this summer when I got one. I feel duty bound to try to outsmart them to keep these parasites away from non-techie people. Got bored after 19m 20 seconds. It was very funny as a Linux user when they tried to get me to go to control centre and me telling them I couldn't find it! I got bounced to a 'team leader' which I guessed was the guy at the next desk.
Most routers have a firewall, make sure it is on, and if it has the facility get it to log and send alerts to your email, that way you can see if you've had attacks. Not all will report.
Unless your reporting program has very good filtering, you are likely to get swamped by the volume of automated attempts to gain access. Looking at such a report can be quite alarming too, if you aren't familiar with what is 'normal' probing activity.
Makes me wonder what it would be like if our immune system provided a similar log report on attempts to break through our body's defences!
This month's (December 2013) Microsoft update patches 4 vulnerabilities that are already being exploited. If you use Windows, make certain that you are getting these updates. (The typical sign you are getting these is when your computer takes longer to shut down or start up and shows updates happening.)
Details for those interested (note Internet Explorer is at risk):
It is these notifications from Microsoft that hackers will check on Windows XP for potential exploits when XP is no longer patched by Microsoft next April...
Tim Rains, the director of Microsoft's Trustworthy Computing group said "The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse-engineer those updates, find the vulnerabilities and test Windows XP to see if it shares [them],". Microsoft says that XP shared 30 security holes with Windows 7 and Windows 8 between July 2012 and July 2013.
For those that think Microsoft Windows XP has been around and patched for so long, there just can't be any more vulnerabilities left, think again. A serious Windows XP vulnerability has just been announced:
From a recent Slashdot submission...wiredmikey writes "A new Windows kernel zero-day vulnerability is being exploited in targeted attacks against Windows XP users. Microsoft confirmed the issue and published a security advisory to acknowledge the flaw after anti-malware vendor FireEye warned that the Windows bug is being used in conjunction with an Adobe Reader exploit to infect Windows machines with malware. Microsoft described the issue as an elevation of privilege vulnerability that allows an attacker to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights."
Time to move on from Windows XP, remove or at least upgrade Adobe Reader. There are other PDF readers like Foxit Reader available:
Microsoft does however say that "The vulnerability could not be exploited remotely or by anonymous users"
Another reminder for those still using Microsoft's very popular operating system, that Windows XP will no longer be supported after 8th April 2014, putting you at risk if you are still using it beyond that date.
Microsoft on why the Windows XP show is finally over:
Note: Antivirus software will not fully protect you from malware exploiting any new security vulnerabilities:
"Antivirus is not the answer
"There will be an extended market for XP in terms of security research and mitigation, Sophos' James Lyne says, which includes antivirus software. However, it would be unwise to rely on antivirus as the answer to Microsoft's end of support.
"Certainly, antivirus is going to help. It can still detect lots of threats on their way into the platform. It's still going to pick up a lot of malicious code," he said.
"Unfortunately, when you have a platform like Windows XP, if a new zero day — although technically it's going to be an infinite zero day — enables exploitation at the system level of the device, that exploit would get in underneath the antivirus before the AV gets the chance to scan it."'
Still using Windows XP to connect to the Internet? With Java (a major malware vector in recent years) no longer supported on Windows XP by Oracle, you should at least disable Java in your browser if not uninstall it completely. Java is rarely used from within browsers nowadays, but it was much more common when Windows XP was at its prime, so if you are still using Windows XP, you are highly likely to have Java installed.
Java is only one of the ticking time bombs in XP, so do yourself a favour and upgrade to anything that is current!
"Regardless of your status on any of these databases, the only good strategy is to have strong and separate passwords for all services you use. Remembering all that is not humanly possible, so you'll need a password manager. I use LastPass, others I know use 1Password and RoboForm, and there are many others."
The company, GoldenShores Technologies, LLC, is using the onboard GPS to make money on a free app by selling the anonymized user data it collects. And, the amount is not trivial; over one million people have downloaded the flashlight app.
Just a warning for anyone who buys from Amazon. I received a message which supposedly was from them to give me information about a purchase I had made. I do buy off Amazon but had no orders outstanding. It asked me to download, I did, I downloaded it straight off my computer. So please be careful, Amazon do not usually ask you to download anything.
Recently had card cloned at Gatwick Airport car park - be warned. Got confirmation anti-viral was working - found a trojan - before it could do any harm. Like backups, better to know that is working before you need it!
Purposely dropped flash drives in targeted business car parks have long been a very effective means of gaining access to internal company networks by hackers. There's an excellent chance that an employee will pick the drive up and check if it is OK by plugging it into a work computer. Thankfully, Microsoft patched their operating systems years ago to prevent auto execution whenever you plugged in a flash drive, but that doesn't stop people from inadvertently running temptingly named executables left on the drive when they thought they were going to see a picture, e.g. by clicking on:
It doesn't help that Microsoft's default display of filenames doesn't show the extension. That's one of the first settings I change in Microsoft Explorer after I've installed a new Microsoft Operating System.
You can get very paranoid about this and perhaps with good reason. New products HAVE been shipped with compromised hardware memory and some promotional memory sticks have been embarrassingly handed out with malware included.
You should be safe using a new memory card, but you should always access any external media with general user (not Administration) rights to limit any potential damage to your computer.
Have you disabled the use of Java in your browser yet? Cisco (THE major manufacturer of internet hardware), claim in their 2014 Annual Security Report that Java is now the preferred point of entry into your computer for online criminals:
Check my reply above for instructions on how to disable Java (which is not to be confused with Javascript) in Internet Explorer, Firefox, Chrome or Safari. It is highly unlikely you'll need Java for internet browsing, but you'd be struggling to do so without Javascript. While this can also be a security risk, you can greatly reduce that (at some inconvenience) by using NoScript noscript.net/ if you are using a Mozilla based browser.
"The NoScript Firefox extension provides extra protection for Firefox, Seamonkey and other mozilla-based browsers: this free, open source add-on allows JavaScript, Java, Flash and other plugins to be executed only by trusted web sites of your choice (e.g. your online bank)."
Computers visiting yahoo.com on January 3 2014, were served malware from the Yahoo ad network (ads.yahoo.com) using a Java security flaw.
Here are the official instructions on how to disable Java in your Internet Explorer, Firefox, Chrome or Safari browser on commonly used operating systems:
Platform(s): Solaris SPARC, Solaris x86, Red Hat Linux, SUSE Linux, Oracle Enterprise Linux, Windows 8, Windows 7, Vista, Windows XP, Windows 2008 Server, Macintosh OS X
Browser(s): Internet Explorer, Firefox, Chrome, Safari
Java version(s): 7.0, 7u10+
You can't disable older versions of Java in this manner, but then again, you shouldn't be using an older version unless it is required for compatibility with some old, unsupported software that hasn't been updated to work with a later security patched version of Java.
The LiveCD technique mentioned (which can also work with a flash drive), works with desktops and laptops by starting up Linux from the inserted drive/CD. Linux runs entirely in the computer's RAM memory; nothing is saved on your hard drive. Provided you start up the LiveCD then go directly to your on-line bank account each time you want to do any on-line banking activity, you should be perfectly safe (well, provided you trust the LiveCD supplier).
Another technique for safe banking is to have a dedicated virtual computer that you only use for on-line banking. Basically you emulate a computer within your computer, with VMWare and VirtualBox a couple of the better known emulators.
"In 2013 alone, AV-TEST registered 1.5 million Android-related malware samples, bringing the total to 1.8 million. During November of 2013, AV-TEST received 6,000 new samples per day."
Google is definitely improving Android's security with each new release, but they have a lot of catching up to do.
For anyone who needs a mobile device with higher-than-usual security, there are a number of options. One such option is to encrypt your entire device. This means that every time you power your phone on, you'll need either a numeric pin or password to decrypt the device. An encrypted device is far more secure than an unencrypted one. When encrypted, the only way to get into the phone is with the encryption key. That means your data is going to be safe, should you lose your phone.
The above article explains that there are pitfalls to this paranoid level approach, which include a slight hit on performance (so it is not recommended for an older or underpowered phone), you can't go back to unencrypted operation and it takes about an hour or more to do the once off encryption (the time taken obviously varying with the amount of data you have stored).
Here's news of Droidpak: A sneak attack on Android devices via PC malware. The article goes on to mention the results of AV-TEST Institute, where “30 Android security apps were tested: only two products failed in our latest review against 2,191 malicious apps.”
If you regularly share your phone with others, here's a review of an app called appropriately AppLock, that limits what apps are available:
"There are instances when security can come in the simplest forms, such as keeping prying eyes out of certain apps. You might hand your phone over to someone so they can make a call or look at a picture. If you turn your back, that user could always dig into your data. Fortunately, there are ways to keep certain applications readily available while others are locked down. One such method is a third-party app called AppLock.
With AppLock, you can create a specific PIN (or an app-specific PIN) that can then be used to lock down whatever applications you wish to secure."
Practicing Safe Androiding: "Android's increasing popularity comes with a price -- malware. Jack Wallen of TechRepublic offers up his best practices to help you keep your Android free from malicious software."
There was a SSL security update Feb 20... make certain you update your Apple devices. Tap...'Settings', ' General', Software Update... your system should read 7.0.6 when you are done... it takes 10 minutes to do.
All Apple users, please follow Chris's advice and update your Apple devices ASAP. SSL is the means by which you can do secure transactions when buying on the web, access your bank accounts and visit sites that have an address starting with like HealthUnlocked.
If you are still using Windows XP, immediately stop using Internet Explorer to browse the web. Use an alternative free browser like Chrome, Firefox or Opera NOW and hasten your move to another operating system.
Hackers find first post-retirement Windows XP-related vulnerability:
Note the good advice to change your windows file settings to display the file extension, so you aren't fooled by a file named ImportantFile.pdf.exe appearing as ImportantFile.pdf.
* Log out of sites after you make an online payment
Like I said, because of the meteoric rise of Android, it will be targeted. That doesn't mean you have drop it like an infected potato. What it does mean is that your mobile device must be used with the same care and caution that you use with your desktop and laptop."
Today's smartphones are as powerful as personal computers were not that long ago, plus we tend to keep far more sensitive information on them and they are far easier to lose. Doesn't that imply that you need better security for your mobile phone than you have for your laptop/desktop computer?
Windows users be warned! Malware infection rates are very little different (at around 2%), for computers running Windows8/8.1 that have no protection or out of date, off or expired security software. If you've bought a new computer recently and haven't extended or replaced the included anti-malware trial subscription, then you are at increased risk.
ZDnet - expired security software an open door to malware:
Apple mobile users should upgrade their systems to iOS 8.1.1. There are a number of bug fixes, security updates and speed improvements for iPad2 and iPhone 4S
"Smartphones are the go-to device for everything from shopping to entertainment and business (not to forget health - Neil) for many people. As this trend continues, smartphones will increasingly become a target for cybercriminals, no matter which mobile operating system you're running. Following the steps above will allow you to keep it secure against such threats."
Yes, you really need to update the operating systems as Neil suggests...
1. plug in the device to the charger
2. tap Settings > General on the left menu
3. tap Software Update on the right... second on the menu...
Then if you have WIFI... select to update...
It takes about 10 minutes...
Remember the North Koreans are watching YOU not some dumb movie made down the street from me in Vancouver Studios... Whaaaaaaa! Sorry I missed the Interview...with my CLL doc...
There's a worrying increase in ransomware, a malware attack in which all your data files are encrypted so strongly that it is impossible to recover them. You are given a few days to pay hundreds of dollars to receive a key that will enable you to recover your files.
In the article below, an IT tech expert explains how his computer was infected. He received a demand for $1,400! Through good planning, he was able to recover his files from a backup:
Note the good advice to change your windows file settings to display the file extension, so you aren't fooled by a file named ImportantFile.pdf.exe appearing as ImportantFile.pdf.
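Added example, not part of the original thread: a small Python check for the disguise described above and in the earlier flash-drive post, where a file such as ImportantFile.pdf.exe is listed as ImportantFile.pdf when extensions are hidden. The two extension lists, the function names and the sample files are assumptions made for this illustration, and `shown_name` simplifies Explorer's behaviour to dropping the final extension.

```python
import tempfile
from pathlib import Path, PureWindowsPath

# Assumed lists for this example: extensions people expect to be harmless
# documents or media, and extensions Windows will run when double-clicked.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt",
              ".jpg", ".jpeg", ".png", ".gif", ".mp3", ".mp4"}
EXEC_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif",
             ".vbs", ".js", ".msi"}


def shown_name(filename):
    """Name as listed when file extensions are hidden (simplified:
    the final extension is dropped)."""
    return PureWindowsPath(filename).stem


def is_disguised(filename):
    """True when the real (last) extension is executable and the one
    before it is a document/media extension, e.g. 'x.pdf.exe'."""
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    return (len(suffixes) >= 2
            and suffixes[-1] in EXEC_EXTS
            and suffixes[-2] in DECOY_EXTS)


def scan(root):
    """Walk a folder (for example a mounted flash drive) and return a sorted
    list of (relative path, name shown with extensions hidden)."""
    root = Path(root)
    hits = []
    for path in root.rglob("*"):
        if path.is_file() and is_disguised(path.name):
            hits.append((path.relative_to(root).as_posix(),
                         shown_name(path.name)))
    return sorted(hits)


def demo():
    """Build a constructed sample folder of empty files and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        (base / "photos").mkdir()
        for name in ("ImportantFile.pdf.exe",   # disguised program
                     "photos/holiday.JPG.SCR",  # disguised, upper case
                     "report.v2.pdf",           # ordinary PDF with a dot in its name
                     "setup.exe",               # honest executable
                     "notes.txt"):              # ordinary text file
            (base / name).touch()
        return scan(base)


if __name__ == "__main__":
    for rel_path, shown in demo():
        print(f"{rel_path}  (listed as '{shown}' when extensions are hidden)")
```

Pointing `scan()` at a folder of downloads or a removable drive lists candidates to inspect before anything is opened; it reads file names only and never opens or runs a file.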
There’s no evidence so far that any hackers have exploited the weakness, which companies are now moving to repair. Researchers blame the problem on an old government policy, abandoned over a decade ago, which required US software makers to use weaker security in encryption programs sold overseas due to national security concerns.
Apple Macs were once considered invulnerable to malware, but those days are long past. Apple Mac users contemplating which antimalware suite to use may find this TechRepublic article helpful.
9 OS X antimalware suites get the thumbs up from AV-TEST:
Ever thought why mobile phone apps are usually free or a very low price compared to similar computer software? You are probably paying for them through targeted advertising, with the apps monitoring where you are, what web pages you contact etc so advertisers can serve up ads more likely to capture your interest (and your money).
The standard flash light app provides an excellent example of this. Code to provide that function is simple and should make for a very small app. All you need are some icons and code to switch the flash light and screen illumination on and off, so no more than a 100kbytes or so should be needed. The rest of the code in bloated flashlight apps is NOT controlling your flash light function, so what IS it doing? Cybersecurity Expert Gary Miliefsky is interviewed about what else your flashlight app is doing here: youtube.com/embed/Q8xz8xKEFvU
Remember, to maintain your privacy and security, please review what access apps are demanding and if you can't see why they need that access, don't install them!
Anyone who spends much time online knows the saying: “If you’re not paying, you’re the product”. That’s not exactly correct.
On the internet, you’re nearly always the product. And while most internet users know that some of their personal data is being collected and monetised, few are aware of the sheer scale of the issue, particularly when it comes to apps': theconversation.com/sorry-e...