Annual Computer Security Review

Preliminary notes: You can set up a batch file that automatically opens this page at least annually. I may add other precautions to this page later. Suggestions are welcome.

Webpages to Open

Gibson Research. Provides links to their software and services. Of particular interest: ShieldsUP! (to test Internet security) and Fingerprints (copy GRC’s authentic security certificate, about two-thirds of the way down the page, to a separate Notepad file for viewing; then use the browser-specific instructions following that box to see whether your browser is actually going directly to that GRC page or is instead being intercepted).

An Introduction to Keylogging. Explains techniques and offers suggestions to reduce the risk that someone may be capturing your keystrokes. Note the separate discussions of hardware and software keylogging.

Have I Been Pwned? Tells whether the contents of your accounts at various websites have become accessible via security breaches. Offers to let you know of any such access in the future.

Google Search History. Instruct Google not to keep this information about you.

Password tester (e.g., Rumkin or Haystack). Best to avoid password testers that could actually be collecting your password; Haystack appears to have precautions against that. To generate strong random passwords securely, consider Gibson’s Perfect Passwords or another Rumkin offering. To retain password security for passwords you must write down, consider Password Card.

Software to Consider

Windows Update. Available in Windows 7 via Control Panel. New downloads protect your computer from various kinds of attacks.

Disposable Email. Gives you a temporary email address, so that you can receive the first few messages from a merchant but won’t be forever spammed after that.

Antivirus, Firewall, and Malware software. As of yearend 2013, multiple sources named Bitdefender ($25) the best antivirus program (albeit one that will visibly drag down performance), with AVG and Avast continuing as the best freeware alternatives and Malwarebytes Anti-Malware as the best free removal-only complement. Microsoft Security Essentials (MSE) was reported to have slipped, and that was consistent with my experience: the first of my weekly runs of Malwarebytes had detected several dozen items overlooked by MSE.

Secure password manager (e.g., LastPass). Note its potential value in preventing some kinds of keylogging (above).

Encryption: especially TrueCrypt and Bitlocker. Prevents others from accessing your data even if they steal your computer or its drives.

Microsoft’s EMET. According to reports, it improves security without requiring updates. Version 4.1, available at yearend 2013, appeared to have some significant bugs. At least I was not able to get it to run properly on my machine. It appeared to be an item to use immediately, if one can get it to work, or else to watch for future updates.

This entry was posted in Uncategorized and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s