ToTPCs

I title this “Tale of Two PCs” I recently encountered two very different computer users. So divergent in fact that I thought I must write about this.

First I received a laptop that was running poorly from the parent of a high school student. This was a perfect example of what NOT to do to your PC! It had no protection software of any kind. It also was years behind on Adobe Flash & Reader, Java (25 versions out of date), CCleaner was on 1.46 (current at time of this post is 3.27), this list of abuse goes on ad nauseam..

The next big problem was this teen’s laptop had seven (7) toolbars, some created by some ugly spy people. The PC had a Rootkit Virus, many Trojans, and some hundreds of spies.

How did all this happen? One clue is Limewire, which is a peer-to-peer sharing software. In a perfect World this is a great idea. A student in Queensland could share homework with a perspiring panicky pupil in Panama or a home-brewed rock ballad with a prospective proprietor in Paducah.

But in the real World, peer-to-peer sharing software such as Limewire (now defunct?) and Bearshare are more interested in letting others get into your computer than protecting you so all the bad guys have a roadmap into your personal data.

This doesn’t faze many teenagers as the part of the brain that understands cause and effect has not connected just yet. No knock on teens, this is just a biological fact that the frontal lobes of the brain are slow to develop. How many times have you parents thought or asked “What were you thinking?”

The reason I bring this up is so you can be aware of the possible security breaches your neat and well-mannered child may be allowing for some free music or movies. The most infected computers I have ever cleaned had peer-to-peer sharing programs installed on them. Simply uninstalling many of these P2P type programs won’t stop the sharing hole that was punched through your firewall.

Now that you have heard about one of the worst computers I have ever repaired, see at what I found just a day later. I went to update a PC from a customer that I had not seen since July 2010. He also did not update Java, Flash, Windows Service Packs, and had no Protection software.

I came in with my gloves pulled up to my elbows so I would not catch the horrible diseases I was sure his PC would have. I have never visited a computer that had no Antivirus, or Ant spy software that did not have bunches of bad guys happily having their way. I installed and ran Malwarebytes Anti-Malware and it found… (wait for it..)

Nothing! I installed AVAST (highly rated in recent tests) and it found.. Nothing!

I proceeded to clean temp files, update Java, Flash, Reader, hundreds of Windows XP updates, and Service Pack 3. While waiting for SP3 to finish I decided I would ask Mr. X just how he keeps his PC so clean of malware (bad guys, Viruses, Spies, Rootkits).

Here is the wisdom he imparted to me. He always leaves his computer on unless leaving town. He never opens emails or their attachments that he was not already expecting. When searching for websites (he uses Google) he looks at the domain names and is careful to go only to ones he knows to be safe. He almost never types in a URL by hand. (One trick bad guys do is to “typo-squat”, this means they lease the domain names that you might accidentally type when trying to go to a frequently visited site.)

That little paragraph just above is a power-packed panacea or personal protection (I got a million of ’em folks..)

The only thing I could add to his security suite of sumptuous suggestions is some simple rules for secure passwords. Bad guys first try all correctly spelled words in all languages, with an uppercase first letter, and numbers on the end. Don’t do that! Also any date is easy to guess due to only 12 Months and 31 Days, and a very limited group of years 1920 to 2013. I mean it is not likely your Anniversary is in the year 1629..

Just spread uppercase randomly (not at word beginnings) and slip numbers in the middle area not to assist a perfectly spelled word. Bad guys know a 3 is used for E, a 1 for I, a 5 for an S, and a 0 (zero) for an (letter) O. Don’t do that.

If you have a favorite saying, poem, lyric etc.. that you recite incorrectly this would be a good basis for an easy to remember password. Just use the first characters of the words. Here you could use the numbers for letters trick as it would not show as a word or even famous writing. Put some strategic uppercase letters and Wham! You have bullet-proof password.

It amazes me that a big company (AT&T) does not allow use of the non-letter, non-number characters which can greatly complicate a hack of your password adding Millions of combinations to an eight character password. Don’t use a password under eight characters if that length is allowed.

Do not keep a password list on your computer. If you must keep a memory list do not construct it on your PC. A deleted file can still be found. If you want a list on your PC just use vague memory joggers not exact passwords and also not exact user names.

There are clever programs that can search all text capable files (Word, Excel, Notepad, WordPad, WordPerfect, blah blah..) for Users, passwords, Social Security numbers, drivers licenses, addresses, emails, phone numbers. That data can be sent back to bad guy servers and auctioned off to a really bad guy of whom wishes to steal your Identity! This really happens! And finally, do not carry exact passwords and account user names on your person (not in your wallet, purse or backpack). Identity theft is no fun. Trust me, I have fully developed frontal lobes.

eMark

Leave a Reply