How To Secure Your Personal PC



Photo by Don Hankins

(Note: while this article contains much general information, the scope of solutions and resources is limited to Windows-based computers.)

There are only two words you need to know about securing your personal computer: imaging and backup. An image is a snapshot of your primary hard drive at a specific point in time. If you create and maintain pristine images of your hard drive, you can “roll back” (restore) your system to any one of these last known good points in time. Unfortunately, a rollback also erases whatever good data may have existed on the hard drive, such as your current projects, downloads and photos. For this reason, the second part of securing your personal computer involves setting up a robust backup routine.

When you are ready to secure your personal computer, consult a professional computer technician for practical tips. You should ask for ideas on the creation of the initial image, the best time to make a new image and how to implement a workable backup strategy.

What Is Personal Computer Security?

A practical definition of computer security can be found at albion.com:


“In the spirit of practicality, I like the straightforward definition promulgated by Simson Garfinkel and Gene Spafford in Practical UNIX & Internet Security: ‘A computer is secure if you can depend on it and its software to behave as you expect.’ In essence, a computer is secure if you can trust it. Data entered today will still be there tomorrow in unaltered form. If you made services x, y, and z available yesterday, they’re still available today.”

 

What Are Some Threats to Personal Computer Security?


[Image: security mind map]

This is by no means a complete and exhaustive representation of all the things that can harm your computer.

Yet, by studying this map, you’ll have a better understanding of just how enormous the scope of personal computer security is.

 

Who Is Responsible for Personal Computer Security?

Ultimately, you are. Of the nine specific threats outlined in the security mind map, only the Computer Vendor and the Operating System are beyond your control. Technically, your choice of vendor and OS can increase or reduce your vulnerability! If we accept that vendors and software writers are fallible, then we must also accept the responsibility that comes with deciding to use their products and services.

When it comes to establishing and maintaining computer security, there is a huge difference between corporate/institutional computer systems and your personal computer. Corporate systems require trained staff to manage computer security. Even if you create images and backups, they’ll do you little good if, through lack of understanding, you practice unsafe computing habits that compromise your computer during daily use. Yet, it is unreasonable to expect you to know everything about managing your personal computer security. Therefore, it may be a good idea to create a short list of experts to whom you can turn for advice on personal computer security.

Looking again at the security mind map, create a list of people and resources capable of helping you deal with each major threat area. There is some overlap between threats, and in several cases you may wish to focus on a more specific threat. Here’s how one list might look for a Windows PC user:

By learning from these eight expert resources, you minimize the impact of the ninth threat: Your lack of understanding. You also free up your time to educate yourself on general security issues. Here are a few good places to start:

Why Is Personal Computer Security So Difficult?

You have too many sources of expert advice. Some of these experts go overboard with their recommendations, making your computer experience less than enjoyable. For example, the excellent website, www.cert.org, suggests:


“9. Disable Java, JavaScript, and ActiveX if possible

Be aware of the risks involved in the use of ‘mobile code’ such as ActiveX, Java, and JavaScript. A malicious web developer may attach a script to something sent to a web site, such as a URL, an element in a form, or a database inquiry. Later, when the web site responds to you, the malicious script is transferred to your browser.”

A better suggestion is to use Firefox and install the NoScript extension from IT company InformAction.

The complexity of personal computer operating systems and software obscures potential security breaches. Tweaking your operating system or applications may enhance your overall computing experience. However, listening to bad advice or, worse, experimenting blindly, can lead to disaster. Mozillazine.org is a user-contributed wiki that contains an extensive collection of Firefox browser configuration changes. The configuration page is peppered with cautions and bug alerts.

Obscure Threats

Obscure to the average computer user, the following threats may never cross your path. Some of them are beyond your control. They are presented here just to ruin your day. :)

Peripherals attached directly to your computer or via a network connection may pose a threat to the confidentiality of your personal data.

In Windows Secrets Newsletter, Issue 224, 12/10/2009, columnist Dennis O’Reilly mentions two examples:

  1. Old fax machines that have been discarded retain recently received images on their carbon ribbons.
  2. The Brother PT-2700 label maker has a dry ink tape that also retains a reversed image of everything that has been made with it.

In the fax machine article, the reporter concludes that printers with memory may also have a record of documents.

DNS cache poisoning has been the focus of much attention since being explained to affected computer companies in July, 2008 and to the public in August, 2008. It is a method by which hackers can spoof, or imitate, legitimate websites for nefarious purposes. Although many vendors have updated their software and instituted other defensive measures, US-CERT states that “routers, firewalls, and other gateway devices that perform NAT/PAT may modify source ports in ways that reduce the effectiveness of” the protective techniques.
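One way to check the US-CERT caveat on your own network, as an added example that is not from the original article: record the UDP source ports of your DNS queries as they appear on the outside of your router, then test whether they still look random. The thresholds and the sample port lists below are constructed assumptions.

```python
from statistics import pstdev

# Assumed thresholds for this example; not from US-CERT or any vendor tool.
# Ports drawn uniformly from 1024-65535 have a standard deviation near 18,600.
MIN_STDDEV = 3000
MAX_SMALL_STEP_RATIO = 0.5
SMALL_STEP = 16  # a jump this small between consecutive queries is suspicious


def assess_source_ports(ports):
    """Judge whether a sequence of observed DNS source ports is predictable."""
    if len(ports) < 8:
        raise ValueError("need at least 8 observed ports")
    # Distance between each query's port and the next one's.
    steps = [abs(b - a) for a, b in zip(ports, ports[1:])]
    small_ratio = sum(s <= SMALL_STEP for s in steps) / len(steps)
    spread = pstdev(ports)
    reasons = []
    if spread < MIN_STDDEV:
        reasons.append("ports fall in a narrow range")
    if small_ratio > MAX_SMALL_STEP_RATIO:
        reasons.append("ports advance in small steps")
    return {
        "stddev": round(spread, 1),
        "small_step_ratio": round(small_ratio, 2),
        "predictable": bool(reasons),
        "reasons": reasons,
    }


# Constructed samples: ten queries as sent by the PC, and as rewritten by
# two hypothetical routers (one sequential, one using a 100-port pool).
AS_SENT_BY_PC = [51234, 10422, 33871, 60011, 2977,
                 45120, 18765, 27003, 58890, 7341]
AFTER_SEQUENTIAL_NAT = [1024, 1025, 1026, 1027, 1028,
                        1029, 1030, 1031, 1032, 1033]
AFTER_SMALL_POOL_NAT = [40071, 40003, 40098, 40040, 40012,
                        40087, 40055, 40029, 40066, 40091]

if __name__ == "__main__":
    for name, ports in [("as sent by PC", AS_SENT_BY_PC),
                        ("sequential NAT", AFTER_SEQUENTIAL_NAT),
                        ("small-pool NAT", AFTER_SMALL_POOL_NAT)]:
        print(name, assess_source_ports(ports))
```

A "predictable" verdict on the router's outside interface, when the PC's own ports pass, points at the gateway device as the thing to update or replace.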

Easily Identify Your Single Most Important Piece of Software



Photo by Truth Went Trendy

As you muddle through yet another boring task on the word processor, the computer’s sluggishness becomes annoying. In a huff, you bang open the Task Manager to see what is hogging all of the CPU’s cycles. Hmmph! It’s that updated version of Whiz-bang 2000. This is unacceptable!

Something like this happened to me early this morning. I was working on a blog post, converting it from a previous incarnation on the web. That meant slogging through HTML tags, updating hyperlinks and cleaning up the layout. I was tired. I was bored. This deadly combination resulted in a minor catastrophe. As I was cutting and pasting text, I noticed an increasing delay between pressing Ctrl-X (cut) and the completion of the operation by Microsoft Word. This had never happened before.

I opened the Task Manager and discovered that PhraseExpress was churning through CPU cycles like crazy. As proverbial straws go, this was the ultimate hump smasher. It was bad enough that PhraseExpress 7.0 weighed in at twice the size of its predecessor; I also had to deal with a more aggressive pop-up dialog, accusing me of using the program for commercial purposes and nagging me to purchase a license. (It’s free for non-commercial use.) Now, this mysterious cycle-stealing behavior was just too much. I decided to go back to version 6.

The only problem was, I couldn’t shut down the program! Whatever 7.0 was doing, it didn’t include responding to right-clicking on the system tray. So, I did what any savvy Task Manager user would do: I killed the process.

Oops.

That’s “oops” as in hindsight is twenty-twenty vision. At the time that I terminated the program, I was unaware that I had wiped out the primary phrase database. I merely proceeded to rename the folder and bring in a backup of the folder containing version 6. I was also not thinking about the fact that the version 7 database would be unreadable by version 6. Heh-heh. I found out quickly enough when I restarted the program and tried to use an autotext shortcut.

Nothing Happened.



Photo by One Laptop per Child

I can think of few times when stark, paralyzing numbness beset me at a computer keyboard. Visions of a dozen shortcuts lost made my right eyelid twitch. The thought of rebuilding the database sent a chill of despair down my spine. I began the torturous hunt for a backup database file.

There was no shortage of backups. However, to add to the drama, I grabbed the one from version 7. Needless to say, it presented a blank slate when I restarted the program. Finally, I reached back twelve days and grabbed the last backup that I had made before upgrading. Thankfully, it was the one I needed.

The whole sordid episode consumed about ninety minutes of time. That hour and a half pales in comparison to the mental anguish I endured. If you think I’m writing in jest, take a look at this:

Over 4,900 phrases! While I certainly added less than 10% of that myself, that’s still nearly 500 phrases that I would have lost. Many of these shortcuts are second nature to me. I constantly use PhraseExpress to bang out code snippets, sign blog comments and provide really long hyperlinks. This ninety-minute nightmare made me realize that it is my Single Most Important Piece of Software.