
Entries in Security (29)

Friday, Jun 21, 2013

Why You Don’t Need to Install a 3rd-Party Firewall

Why You Don’t Need to Install a Third-Party Firewall (And When You Do)


Firewalls are an important piece of security software, and someone is always trying to sell you a new one. However, Windows has come with its own solid firewall since Windows XP SP2, and it’s more than good enough.

You also don’t need a full Internet security suite. All you really need to install on Windows 7 is an antivirus — and Windows 8 finally comes with an antivirus.

Why You Need a Firewall

The primary function of a firewall is to block unrequested incoming connections. Firewalls can block different types of connections intelligently — for example, they can allow access to network file shares and other services when your laptop is connected to your home network, but not when it’s connected to a public Wi-Fi network in a coffee shop.

A firewall helps block connections to potentially vulnerable services and controls access to network services — particularly file shares, but also other types of services — that should only be accessible on trusted networks.

Before Windows XP SP2, when the Windows Firewall was upgraded and enabled by default, Windows XP systems connected directly to the Internet became infected after four minutes on average. Worms like the Blaster worm tried to connect directly to everyone. Because it didn’t have a firewall, Windows let the Blaster worm right in.

A firewall would have protected against this, even if the underlying Windows software was vulnerable. Even if a modern version of Windows is vulnerable to such a worm, it will be extremely difficult to infect the computer because the firewall blocks all such incoming traffic.

Why the Windows Firewall is Good Enough

The Windows Firewall does the exact same job of blocking incoming connections as a third-party firewall. Third-party firewalls like the one included with Norton may pop up more often, informing you that they’re working and asking for your input, but the Windows firewall is constantly doing its thankless job in the background.

It’s enabled by default and should still be enabled unless you’ve disabled it manually or installed a third-party firewall. You can find its interface under Windows Firewall in the Control Panel.

When a program wants to receive incoming connections, it must create a firewall rule or pop up a dialog and prompt you for permission.
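To confirm both points on your own machine (firewall on, inbound blocked by default, and which programs have opened inbound rules that still apply on public networks), here is an added example that is not part of the original article. It assumes Windows 8 / Server 2012 or later, where the NetSecurity PowerShell module is available, and an elevated prompt; the function names are made up for this example.

```powershell
# Added example (not from the article). Requires the NetSecurity module
# (Windows 8 / Server 2012 or later) and an elevated PowerShell prompt.

function Test-FirewallBaseline {
    # ActiveStore returns the settings actually in force
    # (local settings merged with any Group Policy).
    foreach ($p in Get-NetFirewallProfile -PolicyStore ActiveStore) {
        [pscustomobject]@{
            Profile        = $p.Name                  # Domain, Private, Public
            Enabled        = $p.Enabled
            DefaultInbound = $p.DefaultInboundAction
            # Healthy baseline: firewall on and unsolicited inbound traffic blocked.
            Ok             = ("$($p.Enabled)" -eq 'True') -and
                             ("$($p.DefaultInboundAction)" -eq 'Block')
        }
    }
}

function Get-PublicInboundAllowRule {
    # Enabled inbound "allow" rules that apply on the Public profile, i.e. the
    # exceptions still open on coffee-shop Wi-Fi. A rule applies there when its
    # profile is Any or includes Public.
    Get-NetFirewallRule -PolicyStore ActiveStore -Direction Inbound -Enabled True -Action Allow |
        Where-Object { "$($_.Profile)" -match '\b(Any|Public)\b' } |
        Sort-Object DisplayName |
        Select-Object DisplayName, Profile,
            @{ Name = 'Program'
               Expression = { ($_ | Get-NetFirewallApplicationFilter).Program } }
}

Test-FirewallBaseline      | Format-Table -AutoSize
Get-PublicInboundAllowRule | Format-Table -AutoSize
```

Any profile with `Ok` set to False, or a Public-profile rule for a program you do not recognise, is worth reviewing in the Windows Firewall control panel.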

When You Would Want a Third-Party Firewall

By default, the Windows firewall only does what’s really important: block incoming connections. It has some more advanced features, but they’re in a hidden, harder-to-use interface.

For example, most third-party firewalls allow you to easily control which applications on your computer can connect to the Internet. They’ll pop up a box when an application first initiates an outgoing connection. This allows you to control which applications on your computer can access the Internet, blocking certain applications from connecting.

Power users may love this feature, but it’s probably not a good feature for the average user. They’ll be charged with identifying applications that should be allowed to connect and may block background-updater processes from connecting, preventing their software from updating and leaving it vulnerable. It’s also a very noisy task, as you’ll have to confirm a prompt box every time a new application wants to connect. If you really don’t trust a program to connect to the Internet, perhaps you shouldn’t be running the program on your computer in the first place.

Nevertheless, if you want outgoing-connection management, you’ll probably want a third-party firewall. They also offer an interface where you can more easily view statistics, firewall logs, and other information.

For most users, using a third-party firewall just introduces unnecessary complexity.

Advanced Windows Firewall Features

The Windows firewall actually has more features than you might expect, though its interface isn’t as friendly:


A third-party firewall is a power-user tool — not an essential piece of security software. The Windows firewall is solid and trustworthy. While people can quibble about the Microsoft Security Essentials/Windows Defender virus detection rate, the Windows firewall does just as good a job of blocking incoming connections as other firewalls.

Friday, Sep 28, 2012

How to Track and Recover Your Stolen Laptop with Prey

How to Track and (Potentially) Recover Your Stolen Laptop or Android with Prey

Laptops are lighter and more powerful than ever; they're also easier to steal. Luckily, a genuinely versatile and powerful track-and-recover application is also free. Here's how Prey works, and how it could save you a month's rent in new laptop cost.

Why Prey?

There are obvious reasons to like Prey. Chief among them, it's free to use for up to three devices of any kind, from computers running Windows, Mac, or Linux to Android devices. But that wouldn't mean anything if the tracking Prey provided wasn't really solid. It's not fool-proof, especially if the thief wants to entirely wipe your computer or phone, but if that's not the case, it gives you a fighting chance.

We'll tell you why in readable text, being a blog and all, but we think our video walkthrough, embedded above, tells the tale even better—with old-timey music, too, courtesy of Incompetech.

On a laptop with a webcam, a Wi-Fi chip, and Prey installed, it's a good bet you'll have a photo of your thief and an approximate location on them just as soon as they have your computer running for a few minutes. You don't have to actively search, either—devices with Prey installed in the background "phone home" to your web-based account every 20 minutes by default (you can decrease this interval), spilling their guts about everything they're doing.


Webcam snaps, desktop screenshots, lists of modified files and running programs, network data galore, and much more are provided to those who want to quietly track their, uh, prey. If you'd prefer to think that maybe someone just found your device, you can set read-aloud alerts, fire off alarms, change the system wallpaper, lock it with a password, and remotely wipe out your browser data—all from any browser you can get to.

The basics of installing and using Prey are covered in the video, but here's a brief run-through:

Step One: Set It and Forget It


Head to Prey's download section, grab the package for your system (again, Prey supports Windows, Mac, Linux, and Android), then install it as normal, creating an account as you do so. The only major issue to address is how you want to control your system and track it if it goes missing. Most people will want to stick with the default, web-based standard method, but those who would prefer an email-based, server-controlled tracking setup can explore an "Advanced" option. I'm focusing on the default Prey + Control Panel setup.

Because it's tracking software that doesn't want to be seen, Prey is almost invisible when it's running on your system, without any configuration or executable files to be seen. In fact, once you've deleted the installer, you shouldn't be able to find Prey at all in your system, because that's the idea. It quietly and quickly checks in with Prey's servers in the background, at an interval you decide, to see if the owner has logged in and marked it as stolen. That's all it does—until you flip the switch on Prey's servers to note that it is, in fact, stolen, or ask for an update on the hardware profile.


After you've installed Prey and set your defaults, log into Prey's web center, and peek at the basic configuration tools. You can give each of your devices a unique name, clarify its details, and change the frequency of its reporting time. You can set the frequency to a reasonable 20 or 30 minutes now, but don't worry—you can update it as soon as your device is swiped, so you won't be wasting those precious early minutes wondering what's up.

Step Two: Set Your Modules


The Modules menu on Prey's site determines what happens when your device checks in and notices that it's stolen (if only computers could recognize their strange meta-existence). There are two types of modules: the quiet, informative "Report" modules, and the more aggressive "Action" modules that secure your data, and likely let the thief or finder know that you know your stuff is missing—and that you've got a way to track it.


Report Modules: In general, you'll want to switch all these on. You never know what might come in handy, and it's not too much more effort for Prey to grab any one item more than the others. You can set limits on how much raw modified data and running program information is thrown your way, but the defaults are fine, if voluminous. The most important module to turn on is Geo, which uses Google's Wi-Fi location API to try and triangulate a laptop's location—or the GPS chip in an Android for very accurate positioning.

The main exception would be the "Webcam" option. If your laptop has a webcam that must activate a very distinct light or LED before snapping a picture, it could be an obvious give-away and tip your hand. MacBooks, for example, turn on a green LED when grabbing images from the webcam. If you wanted to go stealth and not let the unlawful owner know you had them, you could shut this off—but you'd likely be better off trying to grab at least one picture of the thief unawares. (He or she may not be perceptive or paranoid enough to catch what's going on.)


Alarm modules: When subtle won't work, Alarm Modules provide you with your next best chance of alerting the thief, the person who bought stolen goods from the thief, and potentially anyone near them, that your laptop is your laptop. Failing that, some alarm modules can at least wipe out any potentially revealing information about you.

Alarm, Alert, Change Wallpaper, and the password-protected Lock are pretty self-explanatory. Our volunteer "thief" Whitson reported that the alarm is, in fact, quite loud and attention-getting, and that the pop-up alert comes up over anything else you may be doing.

The "Secure" module is where you make your big security decisions. You can set Prey to wipe out your entire password keychain, delete data from Firefox, Safari, or Chrome (sorry, Opera users), or wipe down Outlook or Thunderbird. A total account wipe-out would be a nice option, of course, but there's likely a compromise between making Prey still active and having data deletion access.

Android SIM Protection

Android phones set up with Prey actually have fewer reporting and alarm modules than laptops, but they do have one unique feature: SIM card protection. If a thief attempts to swap out the SIM card in your phone, the new SIM number is captured and text-messaged to a contact you set up in the Prey options. With that kind of data and a police contact, you're pretty close to tracking down your phone.

Step Three: Using Your Reports


So you've registered Prey on your laptops and Androids, and if it gets stolen, you'll get an email announcing a new report is drawn up every X minutes. Now what?

First things first, report your laptop or device stolen to the police. The cynical may assume they don't care or don't have the know-how to track your gear, but the cynical often aren't shielded members of a law enforcement agency. Give the police everything you have on your device, including serial numbers, identifying stickers or characteristics, and the last place you knew you had it. It never hurts. When using the similar "Find my iPhone" feature of the MobileMe service, police in Madison, Wisc. were able to track down two iPhones stolen from a store. Your mileage will vary, but it's best to head through official channels first.

If you're on your own, you can hope that the thief or other person toting your laptop makes a regular run of certain Wi-Fi spots. You'll have the IP address they're connecting outward from, the name and details of the Wi-Fi spot they're connecting to, and a list of the programs they're running, connections they're making, and other details. Your best hope is that geo-location through available Wi-Fi can point you somewhere unique in an uncrowded neighborhood, or that the Wi-Fi they connect to is unique and identifiable—"JoesCoffee", "246JonesSt", or something similar would be ideal. If your webcam can grab a clear snap of the thief, all the better. If you've got nothing quite so unique and helpful, a visit to the traceroute and other tools at network-tools.com (or nearly any site resulting from a "traceroute" Google search) can potentially get you closer to your missing goods.

In any case, contact your local police rather than try and pin the phone down yourself. One blogger snatched back an iPhone with some help from friends, but he suggests your journey might not have such a funny ending.


Monday, Aug 27, 2012

Turn on Google two-step authentication

No excuses: It's time to turn on two-step authentication

Your Google account holds your e-mail, apps, music, books, documents, cloud storage, credit cards and more. It’s time to protect that stuff with more than a simple password.

If you’ve been watching the wider tech world over the past couple of days, you’ll be familiar with the recent misfortune of Wired writer Mat Honan, who succumbed to a devastating hacking attack that annihilated his iCloud, Twitter and Google accounts and locked down several devices in the process.

In Honan’s case, the attack was enabled by compromised (yet publicly available) personal info, as well as failures by Amazon and Apple customer support, rather than a traditional brute-force attack or contact with malware. But a crucial part of what allowed the attackers to take down not only his Apple accounts and devices, but also his Gmail and Google stuff, was the fact that he wasn’t using Google’s two-step authentication to protect his account.

Stories like these always bring home the importance of basic digital security precautions. And one of the most basic, yet most effective steps you can take to protect your account is turning on two-step.

Read on to find out how and why you should do it.

What is two-step authentication?

Two-step authentication adds an extra layer of security by requiring you to enter a six-digit code, generated by Google and sent to your phone, when you sign into your account. That means even if your password is cracked, your account should still be safe. Chances are whoever’s trying to break into your account from afar also doesn’t have your phone in their possession, so they can't get that secondary code.

You can set up six-digit verification codes to be sent via SMS, or if you’re an Android, BlackBerry or iPhone user, there’s an app called Google Authenticator, which you can use to generate a code instantly. These apps work by accessing your Google account on your phone, then scanning a secret barcode on-screen using the phone’s built-in camera.

What about Android devices and certain apps?

Sometimes an app or device that uses your Google account isn’t able to ask you for a verification code, or it isn’t practical or desirable to have it ask for one. The main example here is Android devices. Sign into one with two-step authentication enabled and you’ll need to use an “application-specific password” instead. These are passwords that give a single app or device access to your Google account at any one time. You can get to them by navigating to accounts.google.com and clicking “Security” from the sidebar, then “Authorizing applications and sites.”

Yes. This part is a pain. But it's important to do.

For example, if you’ve got a Galaxy Nexus and a Nexus 7 tablet, you’d create one for the phone and another for the tablet, and you'd only need to enter it once on the device you're using it for. If you need to stop either from being able to access your Google account, for whatever reason, you can simply hit “revoke” next to the name of the device. And as that password is 16 characters long and only usable by one app or device at a time, everything’s kept securely siloed.

Contingencies

Two-step authentication is good, but it isn’t flawless -- what if your phone’s stolen, for instance? To make sure you’re not locked out of your account if the unexpected happens, Google has a few contingencies in place:

  • When you first sign up for two-step authentication, you’ll be asked to provide backup phone numbers, which you can use to get hold of a six-digit verification number in the event that your primary phone is indisposed.
  • You’ll also be given a set of backup codes, each of which allows you to sign in once. If your main phone is unavailable, and you’re unable to get to any of your backup numbers, this will allow you to sign in once and set things straight.
  • Contrary to what you might think, the Google Authenticator app for Android doesn’t require an Internet connection to work. Even in airplane mode, it’ll generate a working verification code.
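
Why the app works in airplane mode: Google Authenticator implements the time-based one-time password algorithm (TOTP, RFC 6238), so each code is computed locally from the secret in the scanned barcode and the phone's clock. The sketch below is an added example, not Google's code and not part of the original article; the function names, the ±1 step tolerance and the sample secret (the published RFC test key) are assumptions made for illustration.

```powershell
# Added example (not from the article): TOTP per RFC 6238 with HMAC-SHA1,
# a 30-second time step and 6 digits. No network access is involved.

function Get-TotpCode {
    param(
        [byte[]]$Secret,      # shared secret (what the setup barcode carries)
        [long]$UnixTime,      # seconds since 1970-01-01 UTC
        [int]$Step = 30,
        [int]$Digits = 6
    )
    # Counter = number of whole time steps since the epoch, as 8 big-endian bytes.
    $counter = [long][math]::Floor($UnixTime / $Step)
    $msg = [BitConverter]::GetBytes($counter)
    if ([BitConverter]::IsLittleEndian) { [Array]::Reverse($msg) }

    $hmac = New-Object System.Security.Cryptography.HMACSHA1 -ArgumentList (,$Secret)
    $hash = $hmac.ComputeHash($msg)

    # Dynamic truncation (RFC 4226): the low nibble of the last byte selects
    # four bytes; the top bit is masked off to give a 31-bit number.
    $o = $hash[19] -band 0x0F
    $bin = (($hash[$o] -band 0x7F) * 16777216) + ($hash[$o + 1] * 65536) +
           ($hash[$o + 2] * 256) + $hash[$o + 3]

    $modulus = [int][math]::Pow(10, $Digits)
    ([int]($bin % $modulus)).ToString("D$Digits")
}

function Test-TotpCode {
    # Server-side check. Accepting one step either side of "now" tolerates
    # small clock drift on the phone (the window size is an assumption here).
    param([byte[]]$Secret, [string]$Code, [long]$UnixTime, [int]$Step = 30)
    foreach ($drift in -1, 0, 1) {
        if ((Get-TotpCode -Secret $Secret -UnixTime ($UnixTime + $drift * $Step)) -eq $Code) {
            return $true
        }
    }
    return $false
}

# Constructed sample input: the RFC test key, never a real account secret.
$secret = [Text.Encoding]::ASCII.GetBytes('12345678901234567890')

# Self-check against the published RFC 4226 value for counter 1 (time 59 s).
if ((Get-TotpCode -Secret $secret -UnixTime 59) -ne '287082') {
    throw 'TOTP self-check failed'
}

$now  = [long][math]::Floor(([DateTime]::UtcNow - [DateTime]'1970-01-01').TotalSeconds)
$code = Get-TotpCode -Secret $secret -UnixTime $now
"Code now: $code  accepted now: $(Test-TotpCode -Secret $secret -Code $code -UnixTime $now)"
"Same code five minutes later accepted: $(Test-TotpCode -Secret $secret -Code $code -UnixTime ($now + 300))"
```

Because the code depends only on the secret and the time, anyone who copies the secret can generate valid codes, which is why the setup barcode should be treated like a password.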

How two-step could’ve helped Mat Honan, and how it might help you

Amazon and Apple’s customer service blunders (combined with iCloud’s lack of two-step security) had already ensured that Mat Honan’s iPad, iPhone and Macbook were toast. However, enabling two-step auth. could’ve saved his Google account, and the Twitter accounts that were associated with it.

Assume you don't have two-step authentication turned on. If you want to try to recover your password (because you're dumb and forgot it), you're given a few options for account recovery. Part of this involves letting you send a recovery email to an alternative email address you've already linked, and this is only partly obfuscated on the recovery page. That’s how the hacker got into Mat Honan’s account -- without two-step, his recovery address of m******n@me.com was easy to guess. From there, it was simply a case of taking advantage of lapses in Amazon and Apple’s customer services security to take over that account, and then have a password reset email sent to that me.com address.

Had two-step authentication been enabled, the hacker would’ve instead seen a message like this when they attempted password recovery -- an instant roadblock in their attempts to hijack Honan’s Google account.


Journalists, especially those dealing in technology, aren’t normal cases when it comes to phone or web account usage, so if you're not broadcasting your name all over the Internet, you're less likely to fall victim to these kinds of shenanigans.

Nevertheless, it's a simple and easy precaution, and one that everyone with a Google account, and particularly those heavily invested in Google's ecosystem, should take. Depending on how you use Gmail, an attacker gaining control of it could effectively have the master keys to your digital life. What's more, they could gain access to all the purchases and other content associated with your Google account -- if you're a big Android user, that could amount to a significant quantity of stuff. Worse still, if they pulled the plug on your account, you might lose all of this.

So despite the minor, occasional inconvenience, please, please turn on two-step authentication on your Google account.

No excuses: It's time to turn on two-step authentication | Android Central

Friday, Mar 30, 2012

Disable AutoRun to Stop 50% of Windows Malware Threats

Disable AutoRun to Stop 50% of Windows Malware Threats

According to a biannual Security Intelligence Report from Microsoft, AutoRun—the feature in Windows that automatically executes files when you plug in a USB or connect to a network—accounts for almost half of all malware infections. That's really damn high.

To be clear, these are infections that don't require any user input from you, so it's kind of not your fault that your computer gets infected. By turning off AutoRun, you'll add an extra step to certain tasks, but it's worth it to cut down on malware by 50%.

What's also interesting in this report is that Windows XP SP3 systems get infected about ten times as much as Windows 7 SP1 64-bit systems, and six times as much vs. 32-bit Windows 7 systems. That alone is one reason why you might want to upgrade your parents' machines to Windows 7.

The easiest way to disable AutoRun is to download a free utility like Disable AutoRun or previously mentioned Panda USB Vaccine, run it, and call it a day (these apps are made specifically to turn off AutoRun). On the other hand, if you're comfortable with editing the registry, here's a quick guide to doing it yourself.
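
For the do-it-yourself route, the setting in question is the `NoDriveTypeAutoRun` policy value under the Explorer policies key. The script below is an added example, not the linked guide or code from the original article: it reports the current state and, when run elevated, sets the machine-wide value to 0xFF, which disables AutoRun for every drive type. The function names are made up for this example.

```powershell
# Added example (not from the article): audit and disable AutoRun via the
# NoDriveTypeAutoRun policy value.

$policyPath = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$valueName  = 'NoDriveTypeAutoRun'
$allDrives  = 0xFF    # bitmask with every drive type set = AutoRun off everywhere

function Get-AutoRunPolicy {
    # The value can exist machine-wide (HKLM) and per user (HKCU); report both.
    foreach ($hive in 'HKLM', 'HKCU') {
        $key = "${hive}:\$policyPath"
        $current = (Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue).$valueName
        [pscustomobject]@{
            Key                  = $key
            Value                = if ($null -eq $current) { 'not set' } else { '0x{0:X2}' -f $current }
            DisabledForAllDrives = ($null -ne $current) -and
                                   (($current -band $allDrives) -eq $allDrives)
        }
    }
}

function Disable-AutoRun {
    # Writing under HKLM needs administrator rights.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal $identity
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell prompt.'
    }
    $key = "HKLM:\$policyPath"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    # -Force overwrites an existing value; DWord is the type the policy expects.
    New-ItemProperty -Path $key -Name $valueName -Value $allDrives `
        -PropertyType DWord -Force | Out-Null
}

Get-AutoRunPolicy | Format-Table -AutoSize   # before
# Uncomment the next two lines to apply the change and show the result:
# Disable-AutoRun
# Get-AutoRunPolicy | Format-Table -AutoSize
```

Log off and back on (or restart) after changing the value so Explorer picks it up.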

Windows XP Has 10-Times The Infection Rate Of Windows 7 | Ghacks


Thursday, Sep 29, 2011

Check If Your Password Has Been Compromised

ShouldIChangeMyPassword Tells If Your Password Has Been Compromised

The last year has seen a number of high profile security breaches. ShouldIChangeMyPassword tells you if your login was among the compromised.

The biggest problem with the compromises (such as the high profile ones at Sony, Gawker, MySpace, and more) is that many people use the same password for multiple services. Once hackers know your login at one service they can then try it out at multiple services and potentially gain access to other services.

ShouldIChangeMyPassword calls on the released databases (many of the hacking groups released the compromised account databases as evidence of their successful breach) and tells you if your email was among the breached systems. We plugged in an email address we knew had been involved in at least one breach last year. Here were the results of the search:

So what do you do if your email address shows up as a breached account email address? You need to start changing your passwords. Check out our guide to recovering from a serious password breach for tips and tricks to help lock down your accounts with secure passwords. If you’re in the habit of using the same or similar passwords for most of the services you use, you should change them anyway. ShouldIChangeMyPassword only pulls from the databases that groups have released after high profile breaches; it doesn’t give you an absolute answer on whether or not all your passwords are secure.

 

ShouldIChangeMyPassword Tells If Your Password Has Been Compromised - How-To Geek ETC