Beat Obama’s Bandits With TrueCrypt Free (Open-Source) Encryption

The so called “War on Terror” has long since lost its luster and should be appropriately reclassified as The War of Terror. The U.S. has been singularly impudent in terrorizing the terrorists but instead, it has managed to terrorize the rest of the world using a system of surveillance schemes that have gone off the board. Chalk one up for Al Qaeda – the only winners in this debacle.

In the meantime, Americans continue to live in fear – trading away freedoms for security in a war that is simple unwinnable. Obama, despite his assurances that he would “fight terrorism while maintaining our civil liberties” has been a principle mover in this assault on democracy.

And, the master of the reversal has more –

Obama, in a 2008 election sound bite, drew a sharp contrast with the Bush administration which he proclaimed, offered Americans “a false choice between the liberties we cherish and the security we demand.” And for good measure – for stooping “to spy on citizens who are not suspected of a crime.” It’s a surreal world we live in, is it not?

But why be satisfied with my ramblings? Here’s the video.

As America continues its slide into Fascism (eagerly joined in the venture by Canada, Australia, the U.K. and countless other self-advertised “democracies”), the justified expectation held by these governments is – you – yes, you – will take no active part in expressing your outrage at the escalating intrusions into your private life. Sadly, the undermining of democracy, or more to the point, democracy as we though we knew it, continues apace.

As a consequence (hardly the only consequence, of course), encryption technology is once again in the spotlight. And no, using encryption does not mean that one has something to hide.

Sophisticated and  aware computer users know, that financial data and other confidential information, can easily be subject to intrusive viewing by those not authorized to do so.

Putting Obama and his bad boys aside, here are some examples of how this might occur:

Internet malware attack: Increasingly, statistics reinforce the fact that financial data continues to be targeted by hackers/information thieves, for the purpose of identity theft.

Contrast that reality with these facts; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.

Lost or stolen Laptop: How often have we read the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week.

In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.

Lost or stolen USB drive: Since USB flash drives are so portable, you can take a drive virtually anywhere. Just like most items that are portable and that you carry with you, this type of drive can be lost, or stolen.

To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It’s a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until, decrypted.

It happens to us all: Just this past week, I lost not only my house keys (first time ever) – but the USB key attached to the keychain. If you guessed that the drive was encrypted – take a bow.  

TrueCrypt:

TrueCrypt is an outstanding free open source software application for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted, or decrypted, just before they are loaded or saved – without any user intervention. The program automatically and transparently encrypts in real time.

No data stored on an encrypted volume can be read (decrypted) without the correct password/key file or correct encryption keys. The entire file system is encrypted (i.e., file names, folder names, contents, free space, Meta data, etc.).

Files can be copied to and from a mounted TrueCrypt volume just like they are copied to/from any normal disk (for example, by simple drag-and-drop operations). When you turn off your computer, the volume will be dismounted and files stored in the volume will be inaccessible and encrypted. You may of course, manually dismount the volume.

TrueCrypt offers a number of options – you can store your encrypted data in files, partitions, or on a portable storage device such as a USB flash drive.

Installation is simple and straightforward – no gotchas here. Lots of steps – but easy steps.

If you choose “Keyfiles”, be sure you understand the ramifications. This is an extra security step which has limited application for a home user. You do not need to select this option.

And – Win 8’s File Explorer reports that the volume has been setup successfully. If you expand the graphic below (click), you’ll also notice my first TrueCrypt volume on this HD from May 9, 2006.

Indicative of this application’s popularity is the fact that it is downloaded tens of thousands of times each day, across the Internet.

Fast Facts:

Creates a virtual encrypted disk within a file and mounts it as a real disk

Encrypts an entire hard disk partition or a storage device such as USB flash drive

Encryption is automatic, real-time (on-the-fly) and transparent

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)

Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS

Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts

Pipelined operations increasing read/write speed by up to 100% (Windows)

I’ve been using TrueCrypt for a number of years, and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try.

How effective is TrueCrypt? If you have any doubts as to how effective TrueCrypt really is, then read this article. FBI hackers fail to crack TrueCrypt:

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

System Requirements: Win 8, Win 7, Vista, XP, Mac OS X, and Linux.

Download at: TrueCrypt

The Tool Designed To Fool – We Don’t Want No Stinkin’ Toolbar! (Revisited)

In today’s Tech Thoughts Daily Net News column, you’ll find a link to Ed Bott’s – How Oracle installs deceptive software with Java updates. So, what’s new here? Not as much as you might think – unfortunately.

I first posted on the issue of unwanted Toolbars – or, PUPS (potentially unwanted programs) – in March 2010. Based on the indignation shown by the majority of commenters – it just might be worth another read.

—————————————————————————————————

MEMO TO: SNEAKY FREEWARE DEVELOPERS

You give me your software for free as a marketing tool, with the hope of course, that I’ll upgrade to the commercial version of your application.

That’s cool, that’s smart, (it cost you nothing by the way) – nevertheless, I’m appreciative.

But you don’t stop with just the free use of your application, you piggyback a toolbar, or some other non-essential item, as part of the install package. Listen, I understand, you want to install a toolbar because you get paid by the toolbar developer. Even that’s OK – but you do it in such a sneaky way that it really pisses me off, and that’s not OK.

Worse, if I don’t like your application and uninstall it, you open your Internet site, following the uninstall, using my Internet Browser – even if I don’t give you permission by allowing the connection. In my view, that’s a form of hacking. You need to take a refresher course in ethics.

I’ve been around the Internet for a few decades, so it’s not often I get caught in your schemes to install unwanted software on my machines, but less experienced users are often caught in your carefully laid traps.

Here’s a sample of the outrage a typical user, who got trapped by unethical behavior, feels – a comment on my site left by an outraged reader, several days ago, following her installation of Miro.

I thought I’d give this a try, since I watch Hulu quite a bit, and I’m sooo angry I did. Miro installed Bing Search toolbar, which I didn’t want or agree to install (using firefox) and it wiped out all my default search engines for Firefox.

Now I’m trying to figure out how to get Firefox back to normal. Beware!!!!!!!! I don’t trust companies that install things without your consent or knowledge.

In this particular instance it’s true that the EULA covers this situation, but here’s the question. Why does an average user need to read a Eula in order to find an alternative installation solution?

An accusation of unethical behavior doesn’t begin to cover this case – sleazy; vulgar; dishonest; sordid; are much more appropriate.

You, the unethical developer, are not alone in attempting to profit by toolbar inclusion in freeware applications. More and more, high profile developers who offer a stripped down version of their commercial applications as freeware, are involving themselves in this highly questionable practice.

So here’s a question for the “ethical” freeware providers. How many toolbars do you think an average user needs? Ten? Twenty? Thirty………….. Just so you know, a Google search for “toolbar”, returns 167 Million results!

I can already hear your answer “ but the user can uncheck the appropriate box when installing the application”. Right! Unless you’re detached from the real world (and, you may well be), you’re more than aware that a typical user does not uncheck this box. Then, over time, the user is at a loss to explain why their machine has slowed to a crawl.

Could it be because your toolbar, along with twenty others, all installed in a furtive way, become active at startup – ya think!!

So, just stop with the crapware already. If you’re pissing me off, just consider what you’re doing to an average user.

Glary Utilities 2.52 – A Free Collection of System Tools and Utilities – In 2 Flavors

Glary Utilities Free (last updated Jan. 9, 2013), is a reasonably complete set of system tools with which even a relative newcomer to the computing game can tweak, repair, optimize and improve system performance. Since discovering Glary Utilities years ago, it has remained my go-to application for system maintenance and cleanup.

With a graphical user interface arranged in a clean straightforward manner, you can quickly find the tool you’re looking for: disk cleaner, uninstall manager, secure file deletion, memory optimizer, registry cleaner, duplicate file finder, tracks eraser, empty folder finder; a very convenient feature for those of us who like to test drive new software.

Installation: YIKES!!!!

You can avoid all of the above (strongly recommended), by selecting the Slim Version – no toolbar. Alternatively, choose either of the two Portable Versions as per the following screen shot – no toolbar.

I suspect that there may be users who see the advantages of installing a Toolbar such as the one offered as part of this installation package. Quite frankly though, I’ve yet to meet one. For a taste of my views on Toolbars please see – We Don’t Want No Stinkin’ Toolbar!

For users who are comfortable with a “one click” solution – Glary Utilities covers the basics nicely.

Results: running the Standard Version installed on an SSD HD. Scan time – 2 minutes and 8 seconds.

Results: running the Portable Version from a Flash drive. Scan time – 2 minutes and 8 seconds.

Dig a little deeper: The hands-on crowd can dig into the individual Modules and clean and massage their machine to their heart’s content.

Users can even avoid the frustration of having to hunt down a number of standard Windows tools by selecting the appropriate tool from the System Tools menu.

You can comfortably fine tune the application using the clear and precise Settings Menu. While the “Settings” menu is often the last item to be looked at following an application installation, it should be at the top of the “to do list” prior to running any new application. Unpleasant surprises can be avoided with a little prep work – first.

Of particular interest, to those of us who work with files using a “context menu”, Glary Utilities has a nice selection of new items which will be added to Windows Explorer.

There are those who will take comfort in an included “Restore Center” but, a more prudent course to follow is – prior to completing any significant system changes – take the time to generate a manual Restore Point.

Fast facts:

Disk Cleaner – Removes junk data from your disks and recovers disk space

Registry Cleaner – Scans and cleans up your registry to improve your system’s performance.

Shortcuts Fixer – Corrects the errors in your start menu & desktop shortcuts

Uninstall Manager – Uninstalls programs completely that you don’t need any more

Startup Manager – Manages programs which run automatically on startup

Memory Optimizer – Monitors and optimizes free memory in the background

Context Menu Manager – Manages the context-menu entries for files, folders…

Tracks Eraser – Erases all the traces,evidences,cookies,internet history and more

File Shredder – Erases files permanently so that no one can recover them

Internet Explorer Assistant – Manages Internet Explorer Add-ons and restores hijacked settings

File Encrypter and Decrypter – Protects your files from unauthorized access and use.

Disk Analysis – Shows you the disk space usage of your files and folders

Duplicate Files Finder – Searches for space-wasting and error producing duplicate files

Empty Folders Finder – Finds and removes empty folders in your windows

File Splitter and Joiner – Splits large files into smaller manageable files, and then rejoin them.

Process Manager – Monitors programs that run on your PC and stop spyware and Trojans.

Windows Standard Tools – Provides direct access to the useful windows default functions.

Current Version: 2.52.0.1698.

File Size: 8.59 MB.

Release Date: Jan. 9, 2013.

System requirements: Windows 8, 7, 2000, XP, Vista. 32/64bit versions.

Languages: 23 Languages.

Download at: Glarysoft

New! Up And Coming Giveaways At Glarysoft

Software Giveaways! Freebies! Try before you buy! If you like it – pay whatever you want! And, I’m sure I’ve failed to list any number of similar marketing schemes. Who can keep track of them all.  

Internet users would be hard-pressed indeed, to have not noticed the  proliferation of “giveaway sites” that have popped up over the last few years – some of which are simply trash – both in presentation, and selection.

Personally, I have no interest in running an obstacle course (many of these sites test a user’s patience), to obtain an application I’ll likely delete from my HD within a few days. Nor, I suspect, do most users.

Recently, I’ve noticed a type of strategic alliance between well established developers with a reputation for excellence and, lesser known (and perhaps late to the party) developers.

For example, this past week Serif Software, in one of their occasional marketing emails, wrote – We’ve got great news! As a valued Serif customer, you can snap up Zemana AntiLogger for an amazing $19.99.

Let me point out that Zemana AntiLogger is a “best in class” security application and, Zemana is not late to the party. (I’ll post a new review on this app in the next few weeks).

Ah, serendipity. As I’m writing this, as luck would have it, I just received another marketing email from Serif – Award-winning TuneUp Utilities just CA$19.95 – that’s 60% off!

Fix, speed up and maintain up to 3 PCs, all for just $19.95 when you download TuneUp Utilities 2013 today! That’s a massive 60% saving and $30 off the $49.99 list price, only with this special email offer.

TuneUp Utilities – another outstanding application – familiar to regular readers, who will remember the free license giveaways we’ve sponsored here in the last few years.

But, I digress.

Glarysoft – the developer of the highly rated Glary Utilities (well know to regular readers here), has taken a slightly different tack (a strategic alliance nevertheless) – sponsoring a 24-hour giveaway program offering the pro versions of popular applications – FREE.

From the site:

Everyday the website will provide users with a 24-hour giveaway program. All of the programs that on the giveaway list are the pro version or non-free version. Generally, users have to pay to get it. During the 24-hour giveaway period, users can download the software from the website according to their specific needs without spending one penny.

Users can see the software description, original price, time left and the Get it now button. When users want to know more details about this software, they can click on the button to the software page. There you can know the detailed info about the giveaway software and download it freely.

Take a look at what’s on offer today, and through the coming days.

Aunsoft SWF Converter on January 10, 2013 – Original $69.00. Now Free!

 

Converts SWF to almost all popular video formats
Converts SWF/FLV with Alpha to lossless raw video/RGBA32 (*.avi)
Supports Flash videos V6, V7, V8, V9, V10 format
Supports converting SWF to 1080P, 720P, 480P and other
Supports latest devices: iPad, iPod, iPhone 3GS, Android phones.

USB Stick Encryption 4.0 on January 11, 2013 – Original $39.95. Now Free!

GiliSoft USB Stick Encryption helps you password protect USB drives, Thumb drives, Memory sticks, Pen drives, Jump drives and Flash drives.

A secure USB drive with password protection is a must these days as the data that it contains may cost you millions of dollars if stolen or lost. With GiliSoft USB Stick Encryption your USB flash drives and all other external storage devices can be very easily password protected.

Tipard MOD Converter 6.1.52 on January 12, 2013 – Original $29.00. Now Free!

Tipard MOD Converter is the best awards-winning HD video converting software for various video camera fans. It can convert MOD,TOD, MPEG, MPG, MPV, MP4, VOB, etc files to the popular video formats: MP4, MPG, MOV, VOB, AVI, 3GP, FLV, HD H.264, HD WMV, HD AVI, etc.

Besides, it can help you convert videos to various editing software, like Avid Media Composer, Sony Vegas, etc. Moreover, it supports 4 languages and the latest portable devices: like HTC, Samsung Galaxy, iPhone 5, iPad 4, etc.

iCare Data Recovery Professional 5.0 on January 13,2013 – Original $89.95. Now Free!

iCare Data Recovery Professional works perfectly with hardware RAID and hard drive, USB drive, SD card, memory card, etc. It provides the comprehensive data recovery solution for computer users.

It could recover files from formatted drive, RAW file system, drive has not formatted error, RAW drive, undelete files emptied recycle bin, recover files due to partition lost, system crash, software crash, bad boot sector, missing boot sector, bad MBR, $MFT damaged, lost partition table, lost or damaged FAT, virus infections, power failure, and other unknown data loss…

MacX DVD Ripper Pro for Windows 7.0.0 – on January 14, 2013 – Original $39.95. Now Free!

MacX DVD Ripper Pro for Windows is an ultimate DVD ripping software to rip both homemade and encrypted DVD movies to all sorts of format like MP4, MOV, AVI, H.264, FLV, MKV, etc.

It helps you to easily transfer DVD to video files playable on iPhone, iPad, Apple TV, Android, Microsoft, Sony devices, etc.

You can also copy DVD to multi-track MPEG2 file with all videos/audios/subtitles within several minutes. So you can keep your DVDs safe from scratched, broken, and enjoy the DVD movies on the go.

Password Organizer 6 – on January 15, 2013  – Original $19.99. Now Free!

Your passwords are protected by the famous AES encryption (Advanced Encryption Standard) so that it is impossible to read your data without knowledge of your master password. If you like to export or print out all your passwords, of course 1-abc.net Password Organizer offers you such useful features as well.

Secure and generate your password data, remember only one password and concentrate on other important things in life with 1-abc.net Password Organizer!

Bonus:

To get free notification of giveaways on your desktop – download Glarysoft Giveaway.

Lift The Hood On Your PC – Take a Peek With These 5 Free System Information Utilities

If you think developing information, including diagnostics, on your computer’s operating system and hardware is a tough task, you can relax. Here are 5 small, free applications, that make it easy to probe your computer system and create a detailed profile which can include hardware, installed software – motherboard, CPU and GPU specs, remaining drive space, and your operating system security hotfixes – and a lot more.

Belarc Advisor 8.2.7.14:

Belarc Advisor is a free program that automatically generates a detailed audit report of the hardware and software on your computer. It records essential information such as, operating system and processor details, the amount of RAM installed, and drive specifications.

The report also includes a comprehensive list of the software installed on your system, as well as software license numbers and product keys. In addition, it lists the status of the Microsoft hotfixes on your system. If any hotfixes need reinstalling, you will be advised of this.

The results are displayed in a formatted HTML report. The report is clearly formatted for ease of understanding and divided into appropriate categories. Hyperlinks within the report allow you to quickly navigate to different parts of the document, find out more about a particular hotfix entry, or see where a listed software product is installed.

All of your PC profile information is kept private on your PC and is not sent to any web server.

System Requirements: Windows 8, Windows 7, Vista, 2003, XP. Both 32-bit and 64-bit Windows support.

Download at: MajorGeeks

LookInMyPC 2.10.3.158

LookInMyPC is a free application which, like Belarc Advisor, records essential information such as, operating system and processor details, the amount of RAM installed, drive specifications and so on. But, it digs much, much, deeper.

The following graphic shows a very small (I do mean very small) portion of a scan result, run on my test platform. The data shown here is pretty standard stuff.

System requirements: Windows 2000, XP, 2003/8, Vista, Windows 7, Windows 8.

Download at: MajorGeeks

A portable version is also available.

SIW (System Info) 2011.10.29i

SIW is an advanced System Information utility that analyzes your computer and gathers detailed information about system properties and settings and displays it in a very comprehensive manner.

The data generated is divided into major categories:

Software Information: Operating System, Software Licenses (Product Keys / Serial Numbers / CD Key), Installed Software and Hotfixes, Processes, Services, Users, Open Files, System Uptime, Installed Codecs, Passwords Recovery, Server Configuration.

Hardware Information: Motherboard, CPU, Sensors, BIOS, chipset, PCI/AGP, USB and ISA/PnP Devices, Memory, Video Card, Monitor, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Printers.

Network Information: Network Cards, Network Shares, currently active Network Connections, Open Ports.

Network Tools: MAC Address Changer, Neighborhood Scan, Ping, Trace, Statistics, Broadband Speed Test

Miscellaneous Tools: Eureka! (Reveal lost passwords hidden behind asterisks), Monitor Test, Shutdown / Restart.

Real-time monitors: CPU, Memory, Page File usage and Network Traffic.

System requirements: Windows 7, Vista, XP, 2000

Download at: MajorGeeks

Speccy 1.17.340

Speccy (from our good friends over at Piriform – the CCleaner guys), is not quite as comprehensive as the applications described previously. Even so, you can count on this free application to provide you with detailed statistics on every piece of hardware in your computer. Including CPU, Motherboard, RAM, Graphics Cards, Hard Disks, Optical Drives, Audio support. Additionally Speccy adds the temperatures of your different components, so you can easily see if there’s a problem.

Typical info screens.

System requirements: Windows 8, Windows 7, Vista and XP (32-bit and 64-bit)

Download at: MajorGeeks

PC Wizard 2012.2.10

PC Wizard has been designed for hardware detection but, it really shines in analysis and system benchmarking. It will analyze and benchmark CPU performance, Cache performance, RAM performance, Hard Disk performance, CD/DVD-ROM performance, Removable/FLASH Media performance, Video performance, and MP3 compression performance.

Typical info screens.

System requirements: Windows 8, Windows 7, Vista, XP (32-bit and 64-bit)

Download at: MajorGeeks

Think BEFORE You Click! – How Hard Is That?

HARD, apparently.

I recently repeated a small experiment (for the third year in a row), with a group of “average computer user” friends, (12 this time around), and I was disappointed to see (once again), that the conditioned response issue to “just click” while surfing the web, was still there.

Still, I’m always hopeful that reinforcing the point that clicking haphazardly, without considering the consequences – the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information – would have had some impact. Apparently not.

But, I haven’t given up. I’m prepared to hammer them repeatedly until such time as I can make some progress. In the meantime, I expect that curiously browsing the web blissfully unaware of the considerable malware dangers, will continue to be the modus operandi for my friends.

They’re not alone in their “clicking haphazardly” bad habits. Many of us have learned to satisfy our curiosity simply by a mouse click here, and a mouse click there. Arguable, we have developed a conditioned response (without involving conscious thought), to – “just click”.

It can be argued, that our “just click” mindset poses the biggest risk to our online safety and security. In fact, security experts argue, that a significant number of malware infections could be avoided if users stopped “just clicking haphazardly”, or opening the types of files that are clearly dangerous. However, this type of dangerous behavior continues despite the warnings.

Most visitors to this site are above average users (I’m assuming that you are too), so, I have a challenge for you.

Take every appropriate opportunity to inform your friends, your relatives, and associates, that “just clicking haphazardly” without considering the consequences, can lead to the installation of malicious code that can cause identity theft and the theft of passwords, bank account numbers, and other personal information.

Help them realize that “just clicking”, can expose them to:

• Trojan horse programs
• Back door and remote administration programs
• Denial of service attacks
• Being an intermediary for another attack
• Mobile code (Java, JavaScript, and ActiveX)
• Cross-site scripting
• Email spoofing
• Email-borne viruses
• Packet sniffing

They’ll be glad that you took an interest in their online safety. And, best of all, by doing this, you will have helped raise the level of security for all of us.

A point to ponder:

Since it’s proven to be difficult to get “buy-in” on this – “think before you click safety strategy” – I generally ask the question – do you buy lottery tickets? Not surprisingly, the answer is often – yes. The obvious next question is – why?

The answers generally run along these lines – I could win; somebody has to win;……. It doesn’t take much effort to point out that the odds of a malware infection caused by poor Internet surfing habits are ENORMOUSLY higher than winning the lottery and, that there’s a virtual certainty that poor habits will lead to a malware infection.

The last question I ask before I walk away shaking my head is – if you believe you have a chance of winning the lottery – despite the odds – why do you have a problem believing that you’re in danger on the Internet because of your behavior, despite the available stats that prove otherwise?

The Fundamental Principle Of Safe Surfing – Think “Common Sense”

So what can you add to your computer’s Firewall, Security Applications, and Browser security add-ons to ensure you have the best protection available while you’re surfing the web? Well, how about something that’s free, and readily available? Something called “Common Sense”.

Common sense: sound and prudent judgment based on a simple perception of the situation or facts.

–   Merriam-Webster’s Online Dictionary

Common Sense Tip #1 – Given the virtual epidemic of malware currently circulating on the Internet, don’t run, or install programs, of unknown origin.

Internet users’ continue to be bombarded with rogue security software which has reached epidemic proportions. There seems to be no end to the release of new rogue security software threats. Rogue software will often install and use a Trojan horse to download a trial version, or it will perform other actions on a machine that are detrimental such as slowing down the computer drastically.

Download applications, particularly free programs, only from verifiably safe sites (sites that guarantee malware free downloads), such as Download.com, MajorGeeks, Softpedia, and the like.

There are many more safe download sites available, but be sure you investigate the site thoroughly before you download anything. Googling the site, while not always entirely reliable, is a good place to start. A recommendation from friends as to a site’s safety is often a more appropriate choice.

Common Sense Tip #2 – Don’t open emails that come from untrusted sources. It’s been estimated that 96% of emails are spam. While not all spam is unsafe, common sense dictates that you treat it as if it is.

Common Sense Tip #3 – Don’t run files that you receive via email without making sure of their origin. If the link has been sent to you in a forwarded email from a friend, be particularly cautious. Forwarded emails are notorious for containing dangerous elements, and links.

Common Sense Tip #4 – Don’t click links in emails. If they come from a known source, type them in the browser’s address bar. If they come from an untrusted source, simply ignore them, as they could take you to a web designed to download malware onto your computer.

Common Sense Tip #5 – If you do not use a web based email service then be sure your anti-virus software scans all incoming e-mail and attachments.

Common Sense Tip #6 – Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Be proactive when it comes to your computer’s security; make sure you have adequate software based protection to reduce the chances that your machine will become infected.

Most of all, understand that you are your own best protection.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Security Precautions For Your New Christmas PC

We are now officially in the “Holiday Season”, (the “Christmas Season”, to we traditionalists), so along with those visions of sugar plum fairies dancing in your head, you just might have visions of a super hot, quad core beast, that you can rip the wrapping off – after Santa has dropped down your chimney.

So if you’ve been good this year, and Santa does drop off that new screaming machine, no doubt you’ll want to put it through its paces right away. But before you test drive this new machine, there are some fundamental precautions you need to take.

Patch your operating system:

Download and install all available patches, and service packs – if applicable, by connecting to Windows Update. Security Gurus will tell you that 50% of unpatched, and unprotected systems, will be infected with malicious code within 12 minutes of being connected to the Internet. Believe it!

Install a Firewall:

Windows 7 comes with a vastly improved Firewall – substantially better than in previous versions of the operating system. Still, many techies consider third party applications more effective.

There are a number of free firewalls that are worth considering. The following are three that do the job particularly well. (Choose only one)

Comodo Firewall Pro:

Comodo Firewall protects your system by defeating hackers and restricting unauthorized programs from accessing the Internet. I ran with this application for 18 months during a long term test, and I felt very secure.

PC Tools Firewall Plus:

PC Tools Firewall Plus is my Firewall of choice. It installed easily, set up quickly, and did not caused any conflicts on my test machine despite my sometimes esoteric running requirements. The default settings are well thought out, and provide excellent protection for less experience users.

ZoneAlarm Free Firewall:

ZoneAlarm’s default settings are well thought out, and provide excellent protection for less experience users particularly. Experienced users on the other hand, can tinker to their hearts content, customizing and tweaking the application to meet their specific requirements.

Install anti-virus software:

There is no doubt that an unprotected computer will become infected by viruses and malware within minutes of first being connected to the Internet. There are many free versions of anti-virus software available, and the programs listed below have a well justified reputation. (Choose only one – although Immunet Protect will run successfully as a companion application).

Avira AntiVir Personal:

This anti-virus program offers comprehensive protection with an easy to use interface. In the time that I have been testing Avira I have been impressed with its performance, and I have come to rely on it as my primary anti-virus program on an XP Pro system. I highly recommend this one.

Panda Cloud Antivirus:

I’ve been testing the Beta version of Panda Cloud Antivirus since the end of April 2009, off and on, and I’ve been pleasantly surprised with it’s performance, particularly the light use of system resources. This application is definitely not a resource hog, and I found it outstanding at recognizing and blocking malware threats.

Immunet Free Antivirus:

Immunet Protect is a lightweight cloud based antivirus application, (available in both a free, and a fee version), designed to add a layer of protection while working in partnership with the most popular antimalware solutions. You’ll find Immunet straightforward to install, and easy to run without complication.

Install Anti-spyware and Adware Software:

It’s not only a virus that can put your computer down for the count, but a multitude of nasties freely floating on the Internet. Listed below are a number of free programs that offer very good protection against malware.

Microsoft Security Essentials:

Microsoft Security Essentials, which incorporates antivirus, antispyware and rootkit protection, all under one roof, was released by Microsoft as a free  replacement application for Windows Live OneCare. Microsoft Security Essentials is easy to set up and run, particularly for new users. And, the interface is positively simple offering Quick Scan, Full Scan, or Custom Scan.

Spybot Search and Destroy:

Spybot Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system.

ThreatFire:

ThreatFire blocks mal-ware, including zero-day threats, by analyzing program behavior and it does a stellar job. Again, this is one of the security applications that forms part of my front line defenses. I have found it to have high success rate at blocking mal-ware based on analysis of behavior. I highly recommend this one!

Additional security protection:

Web of Trust (WOT):

WOT is a free Internet Browser add-on which tests web sites you are visiting for spyware, spam, viruses, browser exploits, unreliable online shops, phishing, and online scams, helping you avoid unsafe web sites.

SpywareBlaster:

SpywareBlaster prevents ActiveX-based spyware, adware, dialers, and browser hijackers from installing on your system by disabling the CLSIDs (a system used by software applications to identify a file or other item), of spyware ActiveX controls. As well, SpywareBlaster can block spyware/tracking cookies and restrict the actions of spyware/adware/tracking sites in Internet Explorer, Firefox, and other browsers.

WinPatrol:

With WinPatrol, in your system tray, you can monitor system areas that are often changed by malicious programs. You can monitor your startup programs and services, cookies and current tasks. Should you need to, WinPatrol allows you to terminate processes and enable, or disable, startup programs. There are additional features that make WinPatrol a very powerful addition to your security applications.

SpyShelter:

SpyShelter is an anti-keylogging, anti-spyware program that protects your data from Keylogging and spy programs: known, unknown, and under-development. It detects and blocks dangerous and malicious programs, to help ensure that your data cannot be stolen by cyber criminals.

Note: Keep in mind however, that even the best layered protection strategy will not make up for lack of experience, and intuitiveness, when surfing the Internet. So, I’ll repeat what I have said here, many times – “knowledge, awareness, and experience are critical ingredients in the escalating battle, against cybercriminals.”

This list is not exhaustive by any means, but it is a good place to start.

A final note: You may find that your new PC is loaded with preinstalled “trial” software. This is the type of thing that drives users buggy, since trying to figure out how to get rid of trialware is not as easy as it should be. But don’t fret.

Take a look at – Free PC Decrapifier – Bloatware Begone! – a free application designed to specifically uninstall these annoyances

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Free Linux Live USB Creator – Run Or Boot Linux From A Flash Drive

If you’re looking for a painless way to run Linux without having installed any one of 200+ distributions to your Hard Drive, or without having to boot from a Live CD, then open source Linux Live USB Creator could be the perfect tool. In a very simple process, Linux Live USB Creator will install any one of a huge range of Linux distributions to a USB drive.

After installing your chosen Linux distribution, either from an existing ISO on your HD, or exercising the option to download an ISO through Linux Live USB Creator, you will have several available options.

Option 1 –  Run LinuxLive USB directly within Windows in a virtual environment.

Option 2 – Boot directly from the LinuxLive USB key.

The following screen captures illustrate how a previously complex process has been streamlined, so that a competent average user should be able to breeze through the installation. For this review, I installed PCLinux from an ISO, previously stored on my HD, to an 8 GB Flash Drive.

Launching Linux Live USB Creator will take you to a colorful, “follow the bouncing ball” simple interface.

In less than 5 minutes the process is complete and I’m off to the races!

Well, sort of. In fact, immediately upon installation completion, you will be taken to the developer’s site for a quick heads-up on using Linux Live USB Creator.

As per the developer’s instructions, using Windows Explorer, I navigated to the newly installed VirtualBox folder on the USB drive, clicked on Virtualize_This_Key.exe, and sat back as PCLinux launched inside Windows in VirtualBox.

Now, how cool is that! No fuss, no muss, no knowledge of running a virtual system required.

As stated earlier, you have a huge selection of Linux distros to choose from. For this review I choose PCLinux since I had it hanging around on my HD – one of those “I’ll get to it when I can” downloads.

Fast facts:

Free and Open-source – LinuxLive USB Creator is a completely free and open-source software for Windows only. It has been built with simplicity in mind and it can be used by anyone.

No reboot needed – Are you sick of having to reboot your PC to try Linux? No need with LinuxLive USB Creator. It has a built-in virtualization feature that lets you run your Linux within Windows just out of the box!

Supports many Linux distributions – Ubuntu, Fedora, Debian, OpenSUSE, Mint, Slax, CentOS, ArchLinux, Gentoo, PCLinuxOS, Sabayon, BackTrack, Puppy Linux …

Persistence – Having a Live USB key is better than just using a Live CD because you can even save your data and install software. This feature is called persistence (available only on selected Linux).

SmartClean & SmartDownload – SmartClean uninstalls properly any previous Live USB installations and SmartDownload lets you download any supported Linux in 2 clicks automatically selecting the best mirror to download from. SmartClean also lets you clean your USB key in 1 click.

Intelligent processing – LiLi works with many Linux, even if they are not officially supported.

Hidden installation – LiLi hides the Linux installation, your USB key stays clean.

File integrity – tells you if your ISO is corrupted.

Keeps your data on your USB device.

Intelligent formatting – can format disks bigger than 32 GB.

Auto-update – automatic updates when new Linux distributions are available.

System requirements: Windows 7, Vista, XP

Download at: Linux Live USB

User’s Guide – This tutorial will show you how to create a Linux Live USB very easily.

Tested on Windows 8 (developer).

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Avoid Accidents On The Internet Highway By Patching Your OS AND Applications

This morning, I read Ed Bott’s latest (Bott is a favorite of mine) – If your PC picks up a virus, whose fault is it? Here’s a summary –

Want to avoid being attacked by viruses and other malware? Two recent studies reveal the secret: regular patching. A fully patched system with a firewall enabled offers almost complete protection against drive-by attacks and outside intruders.

While reading through Bott’s  article, I was certainly put in mind of Yogi Berra’s often quoted “This is like deja vu all over again.” Current Internet security, and the best practices associated with it, really is “deja vu all over again” – and over, and over, and over. The fundamentals haven’t changed. Common sense is as much in vogue now, as it ever was.

In his article (which is worth a read), Bott relies on two recently released studies to bolster his point, that staying safe online, begins with “regular patching …….. the single most important element in any security program”.

Since the underlying theme is something I hammer on here, on a regular basis, it goes without saying that I agree with Bott, and the data generated in the studies. With that in mind, I’m reposting an article which I wrote in July 2010 – If You Get A Malware Infection Who’s Fault Is It Really? – which underscores the importance of patching not only the operating system, but the often neglected patching of installed applications.

If You Get A Malware Infection Who’s Fault Is It Really?

The security industry, especially security analysts, and for that matter, computer users at large, love to dump on Microsoft when they get a malware infection. If only Microsoft got their act together, the theory goes, and hardened Windows more appropriately, we wouldn’t have to deal with this nonsense.

But, what if it isn’t entirely Microsoft’s fault? What if it’s really a shared responsibility split between Microsoft, third party software developers, and the user?

From time to time, I’m accused of being “too frank”; usually on those occasions when diplomacy needs to be put aside, so that realities can be dealt with. For example, I’ve left myself open to criticism, in some quarters, by stating on more than one occasion –

It has been my experience, that when a malware infection occurs, it’s generally safe to say, the user is, more often than not, responsible for their own misfortune.

Computer users, by and large, are lackadaisical in securing their computers against threats to their Internet safety and security.

Strong statements I’ll admit, but if you consider the following, which I have repeated over and over, you’ll understand why I feel comfortable making this statement.

Not all users make use of Microsoft’s Windows Update so that they are current with operating system critical updates, and security fixes. More to the point, few users have given consideration to the vulnerabilities that exist in third party productivity applications and utilities.

Unless you monitor your system for insecure and unpatched software installations, you have left a huge gap in your defenses – it’s just plain common sense.

The just released Secunia Half Year Report – 2010, shows “an alarming development in 3rd party program vulnerabilities, representing an increasing threat to both users and business, which, however, continues to be greatly ignored”, supports my view that security is a shared responsible, and blaming Microsoft simply ignores the reality.

The report goes on to conclude, “users and businesses still perceive the operating system and Microsoft products to be the primary attack vector, largely ignoring 3rd party programs, and finding the actions to secure these too complex and time-consuming. Ultimately this leads to incomplete patch levels of the 3rd party programs, representing rewarding and effective targets for criminals.”

Key highlights of the Secunia Half Year Report 2010:

Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.

A group of ten vendors, including Microsoft, Apple, Oracle, IBM, Adobe, and Cisco, account on average for 38 percent of all vulnerabilities disclosed per year.

In the two years from 2007 to 2009, the number of vulnerabilities affecting a typical end-user PC almost doubled from 220 to 420, and based on the data of the first six months of 2010, the number is expected to almost double again in 2010, to 760.

During the first six months of 2010, 380 vulnerabilities or 89% of the figures for all of 2009 has already been reached.

A typical end-user PC with 50 programs installed had 3.5 times more vulnerabilities in the 24 3rd party programs installed than in the 26 Microsoft programs installed. It is expected that this ratio will increase to 4.4 in 2010.

The full report (PDF), is available here.

Each week, I receive the Qualys Vulnerability Report, and I never fail to be astonished by the huge number of application vulnerabilities listed in this report. I’ve always felt, that the software industry should thank their “lucky stars”, that this report is not particularly well known outside the professional IT security community. It’s that scary.

There is a solution to this quandary however – the Secunia Personal Software Inspector (PSI).

PSI constantly monitors your system for insecure software installations, notifies you when an insecure application is installed, and even provides you with detailed instructions for updating the application when available.

ZD Net, one of my favorite web sites has stated “Secunia Personal Software Inspector, quite possibly the most useful and important free application you can have running on your Windows machine”. In my view, this is not an overstatement.

Installing this small free application will definitely assist you in identifying possible security leaks; give it a try.

Quick facts:

The Secunia PSI is free for private use.

Downloaded over 800,000 times

Allows you to secure your PC – Patch your applications – Be proactive

Scans for Insecure and End-of-Life applications

Verifies that all Microsoft patches are applied

Tracks your patch-performance week by week

Direct and easy access to security patches.

Detects more than 300,000 unique application versions

Provides a detailed report of missing security related updates

Provides a tabbed report which indicates programs that are no longer supported – programs with all known patches – insecure programs, etc.

Provides a Toolbox offering a set of links which helps you assess a problem and how you can resolve it.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Download at: Secunia

Bonus: Do it in the Cloud – The Secunia Online Software Inspector, (OSI), is a fast way to scan your PC for the most common programs and vulnerabilities; checking if your PC has a minimum security baseline against known patched vulnerabilities.

System Requirements: Windows 2000, XP 32/64bit, Vista 32/64bit, and Win 7 32/64bit.

Link: Secunia Online Software Inspector

As an added bonus for users, Secunia provides a forum where PSI users can discuss patching, product updates, exploits, the PSI, and anything else security-related.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.