This is what you must do, right now – R-E-L-A-X.

This is the biggest non-threat that’s making headlines everywhere. It even made 60 Minutes and getting coverage everywhere. If you’re reading this and have read my Computer Security guide your safe. You don’t even have to read that, you only have to have Windows Update turned on. Microsoft sent out a patch months ago to not only detect it but to get rid of it. Even without going out and buying an anti-virus program your protected from this Conficker worm virus thing.

If you’re just now getting around to turning on Windows Update and can’t, you’re probably up a creek. Conficker will not only turn off Windows Update, but it will redirect your browser away from sites like MacAfee, Symantec, and Eset.

You just installed Vista and can’t find Windows Update? It’s right here:

Seriously, If you’ve been running Windows Update either automatically or manually fairly often you’re probably fine. Just to make sure you get to the Start Menu, type Run in the search box, enter, then type MRT and enter for Microsoft’s Malicous Software Removal Tool.

If for some reason you have it and have been using OpenDNS, the OpenDNS project has blocked all of the domains that Conficker “calls home” to so it can’t get updates or instructions.

If you can’t run Windows Update or go to regular anti-virus or secutiry sites you may have it. One fix is to download MRT or any anti-virus program from a good computer then, transfer via disk/USB to the infected computer. If you can’t get to a good computer because your entire network is infected, there are step-by-step instructions at Microsoft: Virus alert about the Win32/Conficker.B worm or let me know in the comments or email and I’ll help you out.

You may not even know you’ve been affected. Back in the old days, virus’ and worms were written to be destructive, usually erasing your hard drive or corrupting system files so you couldn’t boot. Now the bad guys only want to use your computer without you knowing. There are keystroke loggers that will record your keystrokes, especially passwords and send them back to their evil headquarters and you won’t even know it until your bank account has been emptied into some offshore account.

You computer might be drafted into a zombie army of computers to perform evil deeds when the bad guys send a command. This is how sites like Amazon and Yahoo can be taken down, by using the processing power of thousands of computers.

If you want to see how this works for good instead of evil check out SETI

SETI@home is a scientific experiment that uses Internet-connected computers in the Search for Extraterrestrial Intelligence (SETI). You can participate by running a free program that downloads and analyzes radio telescope data.

It’s the same concept, using processors from several thousand computers as one giant supercomputer.

Back to the bad guys. This worm found it’s way past firewalls and antivirus programs through a bug in Windows XP and Vista.

‘Amazing’ worm attack infects 9 million PCs
Like other security researchers, those from Microsoft have put some of the blame on users slow to patch their PCs. “Either Security Update MS08-067 was not installed at all or was not installed on all the computers,” a pair of security researchers who work at Microsoft said Tuesday.

Microsoft has recommended that Windows users install the emergency update, then run the January edition of the MSRT to scrub the worm from compromised computers.

This time it was found out and can be easily fixed. If you’ve ever had a virus, you know this is usually never the case. Present day virus’ can be embedded so deep in your system (called a rootkit), that an anti-virus program can only tell you that you have one. Then it’s reinstall windows.

Get up to date! This is your last warning!

One of the best protections against all of the bad people that want your identity or that want to hijack your computer for evil deeds, or just place a bunch of crap on your computer is to keep all of your software up to date.

Microsoft Windows Updates

Microsoft comes out with operating system updates about once a week, critical updates get pushed out as soon as they’re ready. If you don’t have Automatic Updates turned on, you’re putting your computer at risk. Most of the updates are some type of security updates. If a vulnerability isn’t known by every hacker in the world, when Microsoft puts out an update, every hacker in the world now knows about it and will exploit that particular problem against people that are slow updating their system.

If you’re not sure about your updates go to your Start button, then Right Click on My Computer, or go to your My Computer icon and Right Click, click on Properties, then click on the Automatic Updates tab and this is what you see.

At the very least, be notified of updates and you can download them when you’re going to be online for a while.  On your desktop, there’s no reason why Automatic can’t be checked.

Or you can go to the Windows Update site to check for and download any updates, you have to use Microsoft’s Internet Explorer to go to Microsoft Update.

If your still on Windows 98 or anything else before XP, you’re putting everything on your computer at risk.  If you’re computer is too old or doesn’t have enough processor power or enough memory for at least XP, there are several things you can do. The single biggest bang for the buck upgrade is RAM/Memory and hard drives are getting dirt cheap. Or you can switch to Linux, but that’s a whole ‘nother series.

Internet Explorer

Why? But if you’re still using Internet Explorer at least upgrade to the latest version. IE6 is a security risk with all sorts of known holes and exploits. If you’re unsure about your version, click on Help, then About. IE7 is actually a good upgrade (from what I hear). I upgraded my Explorer, but like 50% of the internet, I don’t use it. What’s the other half of the Internet using? Mostly Firefox, an open source project from Mozilla and a small percentage are using other browsers like Windows versions of Safari from Apple or Safari. All report being faster and more secure than Microsoft, which in my opinion is kind of a low bar to hurdle.

Mostly it’s a personal preference, one browser will have a feature or two you like or it will  seem faster, looks better or is easier to do what you want. Even IE7 has what are called Plugins, small programs that install within your browser to add a new feature and can customize the look and options you want.

Keep Any Browser Up to Date

No matter which browser you use, keep it up to date. Your browser is your window to the Internet, but it’s also a window from the Internet to your PC. It’s the most common way the bad guys can access your computer. From getting you to download programs that can record your keystrokes and send them back to the bad guys, to getting you to click on a link that takes you to a bad website that can fool you in thinking it’s your bank or even the IRS, called Phishing or to a website that will download software to your computer without you even knowing it. Most modern browsers have ways to combat most exploits, but new ones are being created every day.

So keep your operating system and your browser up to date. Even the most secure browsers have security problems, but they get fixed and spread to their users via updates.  And just like operating system updates, now all the bad guys know there’s a problem with an older version. Don’t make it easy for them. UPDATE.

More about being secure online next time.

Links:

• Test Your Browsers Security
• Apple Safari (for PCs)
• Opera
• Firefox
• IE7
• Windows Update
• Phishing
• Linux
• Google Chrome

Backing up your data even on a desktop is essential and it’s one of those things everyone knows they should do, but no one does. People usually wish they would have backed after something happens. Because most humans are lazy, especially about backups, the best backup solutions have the least amount of human involvement. The best backup system is the one you will use, consistently and can restore your data easily.

Thumb Drives

Flash drives, also known as thumb drives or USB drives can be connected to your laptop in seconds. If your laptop has a built in card reader you can also use SD or Compact Flash memory as a drive.

For backing up to another hard drive or flash drives, I like Syncback from 2BrightSparks. There are several versions of Syncback, including a completely free version. For something that’s as important as your data, you need something reliable and easy to use. It’s extremely flexible and will allow you to backup to any kind of drive, including FTP (more on that later). You can choose to backup or synchronize directories on different computers like home and laptop. You can automate backups using Syncback with several different options, including any time a file is changed, it gets backed up.

If your backing up sensitive data to a removable drive, encrypt it with TrueCrypt in case you lose it.

While backing up to a removable drive is good, backing up “offsite” is even better. You can’t lose it and if something happens to your truck (or house) or you have to evacuate the truck or house in a hurry you can rest assured your data is current and safe.

Offsite Backup

There are several solutions for offsite backup, most cost something. Most are reasonable and easy to setup. Every time you’re online you’re able to backup your data. If you’re using WIFI or a slow connection, a complete backup of your entire drive may be unreasonable, but if you do your initial backup at home, you will only need to backup files that have changed while you’re on the road.

Sites like Carbonite make things simple and for unlimited storage at $50 a year, it’s not bad. It automates the backup process and works in the background while your computer is idle. There are several other online storage companies doing the same thing, but even companies like Xdrive with AOL can go out of business. Most of the time they give plenty of notice so you can find alternatives and retrieve your data.

Amazon S3

Amazon has a storage service called S3. It’s a little more complicated, but you only pay for what you use. There are utilities like Jungle Disk that create an easy to use interface for backing up and storing files. It also comes in Mac and Linux versions.

Dropbox

Dropbox is a new startup, 2 gb free but you can upgrade to 50gb. Dropbox is available for Mac, Linux and Windows. Dropbox not only stores your files, it can sync files between computers with different operating systems as well. You can share a separate folder to the public.

If you happen to have a website you can use the space by transferring files to that server using a FTP client or Syncback’s FTP feature. I’m not sure I would buy shared hosting as storage because some of the hosts that advertise “unlimited” storage, it’s not really unlimited, but it’s possible.

Store More Online

You can also keep as much of your work online. Using sites like Flickr, Picasa or even Facebook for your photos will ensure your photos are always safe. Google Docs allows you to create/upload/download documents and spreadsheets online. Even Microsoft has begun an Office version of keeping your documents on the Internet.

Bottom Line

The bottom line here is automate and keep it safe. The less you have to think about doing it, the more it will get done. Some of these solutions take more time to setup than others, but it’s time well invested.

Our computers are now safe as they can be and our data is safe and secure. Next time, staying secure online.

Links:

• TrueCrypt
• Carbonite
• Amazon S3
• Jungle Disk
• Flickr
• Picasa
• Google Docs
• Microsoft Office Live
• Facebook
• Dropbox

BIOS Passwords

When your computer is first turned on or restarted it goes through what’s called the POST – Power On Self Test. While your RAM and other things are tested, you may see instructions on what key to press to enter the BIOS settings. Computer manufactures have their own unique key combination and key to enter the BIOS aren’t on the screen, here’s a list of possibilities by manufacturer. If you don’t know what your doing this could be a dangerous area to start changing things, so just enter a password, save and exit.

Make this password easy for you to remember. If you forget this password depending on the computer (actually the motherboard / bios maker) it could be something you will need to have professionally recovered.  Toshiba laptops have  a separate security chip that can only be professionally replaced. Others can be reset by a jumper on the motherboard or taking out the CMOS battery, it just depends.

Windows Passwords

Basically a waste of time. If you want your XP to automatically logon or no password at all, there are a couple of ways to do it. You probably should have some sort of Windows password but it’s too easy to crack to put too much faith into it. Google cracking windows passwords and there are free utilities and even keyboard combinations that will crack or bypass Windows passwords easily.

If your computer is stolen, your main concern is keeping the thieves out of your personal information so you don’t have to worry about identity theft on top of missing your laptop.

Drive Encryption

Windows is able to encrypt a directory or a disk drive that is using the NTFS file system (which if you’re on XP or Vista, you’re probably already using NTFS). If you right click on a directory, click on properties, then check the encrypt box. In my opinion it’s a waste of time because if you’re logged in (see above cracking of windows password) you can see that directory or drive.

There are several utilities that will encrypt your entire hard drive or just a directory or two.

TrueCrypt at truecrypt.org is a free open-source disk encryption software for Windows Vista/XP, Mac OS X, and Linux. Unless you want to start messing around with your Boot Record, I would just create a virtual drive where you can keep your sensitive documents. Or move your entire My Documents folder to an encrypted drive. Otherwise you’re getting into territory where I’d have to charge you. Plus if you encrypt you’re entire drive, a large hard drive will take almost forever to encrypt. But after it’s done there is hardly any overhead and you probably won’t notice any slowdown.

Unless the thieves have seen this video or went to Princeton, your data is probably pretty secure.

This just proves that anything can be broken into with enough work. I would still use it, because the everyday thief that is breaking into your truck and sees an opportunity probably isn’t going to be doing this procedure.

Most software, including TrueCrypt can encrypt most drives including thumb USB drives. If you want a hardware encryption, look at Iron Key, “The World’s Most Secure Flash Drive”

Physical security is self-explanatory. Don’t leave your laptop unattended.  I have too much stuff on my computer and even though a thief wouldn’t get my personal data (more on that later), they still have a laptop they could replace the hard drive and be good as new.

There is really only one way available to secure your laptop while your in the Internet Cafe and that’s with a Kensington lock. Kensington was the first, but other manufacturers are making the same style of lock nowadays. Almost all laptops sold in recent history have a slot for a Kensington lock. It’s basically a steel cable you connect to your laptop and wrap the cable around something solid. There could be a lock at one end with a loop or some kind of lock on both ends.

Given enough time, cables can be cut, locks can be picked, but hopefully in a crowded truck stop that kind of behavior would be noticed and someone would say something.

Another option is a laptop alarm. If the cable is cut or the USB connection is pulled out the alarm sounds.

If after your two minute restroom break you come back and you alarm didn’t go off, your cable was cut and your lock was picked and now your laptop is gone, now what?

Since your Lojack for Laptops is installed, no worries. If your laptop is stolen, call the Computrace center and report it stolen. The next time your laptop connects to the internet, Computrace calls the authorities with the location of your stolen laptop. The thief will have to replace or format the hard drive to erase the Lojack software, but if you have a computer bios with a piece of the Lojack software, it reinstalls itself and alerts the monitoring center.

There are similar systems out there that will show their location when the laptop or desktop connects to the internet. One that doesn’t require police intervention is Laptop Cop. The next time your laptop goes online not only does it broadcast its location, but you have access to your laptop so you can erase sensitive files.

Links:

Kensington Locks at Amazon

Belkin USB Laptop Security Alarm at Amazon

Lojack for Laptops

Laptop Cop