Are you cruising along the Information Superhighway sober, sane and safe - or drunk, deranged and dangerous? Following these steps won't guarantee you complete immunity from the digital equivalent of a 50-car pileup - the only way to do that is to disconnect your computer from the network and turn it off - but it will make disasters less likely and recovery much easier.
Unless otherwise indicated, all software recommended here is either part of the basic operating system (Windows or Macintosh OS X) or is open source and/or freeware. I'm trying to make this as painless as possible.
I have no association of any kind with any of the web sites or products I'm referring you to here; I've just found them very useful and/or reputable. Think of this as a ten-point safety check for your virtual car.
- Use smart passwords
- Never use the default password that comes with any piece of hardware or software; always create your own.
- Use passwords that aren't obvious; Cornell University has a guide on creating strong passwords that's worth reading.
- If you have trouble remembering your various passwords, store them in a secure, encrypted file or program. Macintosh users can use Keychain Access, which is part of Mac OS X. Windows users should check out Password Safe.
- Keep your system software updated
- Windows: make sure Windows Update runs automatically.
- Macintosh: Set your Software Update utility to check on a daily basis. You'll find it under Preferences - System - Software Update.
- Use anti-virus software
- Windows: Free anti-virus options include ClamWin and AVG. Commercial products are available from McAfee, Norton and Trend Micro, among others.
- Macintosh: Viruses for OS X are relatively rare, as are free anti-virus programs. ClamXav is the Macintosh version of ClamWin. Commercial products are available from McAfee, Norton, and Intego.
- No matter what product you use, make sure you have it set to automatically update your virus definition files. Out of date anti-virus software is as bad as none at all.
- Use anti-spyware software - Anti-virus packages won't necessarily catch all the bad stuff out there
- Windows: Spybot Search and Destroy, Ad-Aware SE Personal Edition, and Windows Defender are all worth having and all free.
- Macintosh: OS X has, so far, been largely ignored by the spyware creators, so there's not much in the way of anti-spyware software out there. MacScan is one of the few available, but it's not free.
- Practice e-mail safety
- Don't open a file attached to e-mail unless it's one you're expecting from a trusted sender. Hostile program are often disguised as apparently innocuous documents.
- Don't reply to or click on links in unsolicited e-mails asking you to verify personal data at financial institutions or on-line merchants. These are likely to be fraudulent.
- See this article at wiredsafety.org for more solid recommendations on e-mail safety.
- Practice safe browsing
- Think before you click on a link! Hackers will try to sucker you into visiting web sites that will download viruses and spyware to your computer without your knowledge, or con you into entering personal information at a web site that looks (but isn't) legitimate.
- Secure your web browser. The US Computer Emergency Readiness Team (CERT®) has some good practical advice for both Windows and Macintosh users.
- Use Mozilla Firefox instead of Microsoft Internet Explorer. We propeller beanie types can debate the reasons why until everyone's eyes glaze over, but the bottom line is that Internet Explorer is the preferred target of the network's bad guys. Download Firefox and make it your default browser.
- Use a personal firewall
- A personal firewall program provides an additional layer of protection from Internet threats, and can alert you if a spyware program is trying to "phone home".
- Windows: Windows XP has a built-in firewall. See this article from Microsoft on how to make the best use of it.
- Macintosh: OS X has as built-in firewall. See this article from Apple on how to make the best use of it.
- Avoid peer-to-peer file sharing programs
- Programs such a Kazaa, Grokster, and Limewire are major distribution channels for viruses, worms and spyware - to say nothing of copyright violations.
- If you must use one of these programs, disable file sharing. Here's an article on how to do that.
- Lock your car. Take your keys.
- Limit access to your computer. Unless you really need to share your files and programs with others, turn off file sharing. Here's information on how to do that in Windows XP, Macintosh OS 8 or 9, and Macintosh OS X.
- Windows has a guest account enabled by default. Who needs it? Here's how to disable it.
- Think before you download
- Avoid web sites or e-mails offering "cracked" versions of commercial products such as Microsoft Office. You might or might not wind up with the product in question (and if you did, you'd be breaking the law), but you'll almost certainly wind up with a mother lode of spyware, viruses and worms.
- Freeware downloads are OK (as is shareware IF you do the right thing and pay the shareware fee), but make sure you get them from reputable sites such as download.com.
- Bottom line: downloading files from questionable web sites is the 'net equivalent of trying to beat a veteran card sharp at three-card Monte - a sucker bet.
Want to know more? Here are some useful web sites:
- So You Think You've Got Spyware? - a good primer on detecting and removing spyware from PC Week
- 10 things you should do to a new PC before connecting it to the Internet, from TechRepublic
- 10 things you should know about securing wireless connections, from TechRepublic
- CERT® on Home Network Security
- Top 10 Tips for Wireless Home Network Security
- CERT® on Home Computer Security
- Dark Reading is an on-line publication pitched more at the techie crowd, but many of the articles are jargon-free and the writing style is lively. Besides, any site that has a column by someone called Tim the Enchanter (a.k.a. site editor Tim Wilson) has definitely got my vote.
- Security Watch in an on-line division of eWeek magazine that will keep you up to date on the latest security news as well.
- Spywareinfo.com is a great source for news about spyware/malware threats and how to defend yourself from them.