Tips for Home Computer Security: Protecting Every Computer Connected to a Network or Internet
Editor’s Note: This article was originally written in 2008 and has been placed in our archive.
Basic Home Computer Security
Remember to create a “start-up” disk when your computer is free of all infection and after you register your new computer or had your operating system reinstalled. Should your computer get an infection that restricts the display of your hard drive or is acting strangely (much too slow or displays unusual characters or responses), you should be able to get to your operating system initial display screen by putting the start-up disk in the appropriate drive before you turn your computer on. Once you get to your operating system’s initial display screen, use your anti-virus software. If your start-up disk does not work or if you are uncomfortable using it, contact a computer repair professional.
Try More Than One Connection
Add an additional internet connection. Make this connection the “default”. Having more than one connection should prompt your computer to ask which connection you want to use. When an infector tries to activate your modem, it will automatically use the default connection (if the infector does not have its own). If the default number being dialed or the network address is invalid, the program can’t make a connection. Be sure the invalid network address or phone number you enter is not available or belong to anyone.
Consider directing your operating system to display file extensions. The file extension typically is the last three digits of a filename after the dot (Filename.Extension). It tells you the kind of file it is and the program that created it. Most home computer users do not create or used double extension files. In some cases, a double extension in a filename (filename.ext.ext or filename.ext .ext) indicates an infector. If you notice a double extension, use your updated anti-virus software.
Adjust the security settings for your browser so programs will not be downloaded without your permission and scripts will not automatically install.
Risks Involved with File Sharing
Most home computer users do not need to share files directly with another computer, share files with a company’s network, or have the need to look around someone else’s computer and transfer files between the two. However, a comparatively large percentage of preteens and teenagers compared to other age groups use P2P (peer-to-peer) file-sharing software typically to share music. It is possible for a P2P user to gain access to private, personal or confidential files; or, to transfer intentionally or unintentionally pornographic, illegal, or infected files to your home computer. It is illegal to distribute copyrighted material without permission of the copyright holder. Some hackers have abused the capabilities of file-sharing programs.
Check if file-sharing programs are installed. If they are and you don’t use or need them, disable or uninstall them. If you use them, be sure to set your file-sharing program where other unknown random users can only find particular file types instead of allowing them permission to look through all the files on your computer limited only by the file types they specify. Remember to discuss the potential dangers of file sharing with your children. Kids and teenagers sometimes know more about computers and programs than adults but parents almost always know more about the safety of children. Remember also that you can share files (text, music, pictures) with other internet users (family and friends) through email and websites with uploading capabilities. If you have a home network installed be sure the file and print sharing feature is not available to the modem so unauthorized persons through the modem can’t access the computers on your home network.
Many computer users like the feature of their home and laptop computers remembering their usernames and passwords at websites and their logon to the internet. This feature is very convenient. When your computer is stolen or someone has physical access to your computer without your permission, this feature can be devastating. With your computer, with your logon information to the internet and websites you visit or conduct business with or access to your email accounts, someone is able to run around the internet as you, with all your electronic identifying features from your computer using your logon information and possibly credit or financial information. Try not to let your computer remember any passwords. If you really like your computer remembering passwords, use a product such as RoboForm that allows the user to password-protect the password file.
Wipe Your Hard Drive
When you “delete” information on your hard drive, the information is stored in background folders or on the free space of your hard drive. The information is not gone and can be retrieved with data retrieval software unless it is deleted by a process know as shredding. To maintain a clean hard drive to be sure information you deleted is no longer available, use the ‘secure empty trash’ feature with a Macintosh operating system or use a product such as Cyberscrub with a Windows operating system on the computers you actively use on a daily basis.
Unless you physically destroy your computer’s hard drive when you are considering to sell, lease, or donate your computer, use a product such as cyberCide (also at https://www.cyberscrub.com) regardless of which operating system you’re using so the next person in possession of your computer’s hard drive will not have access to any information hidden on the hard drive (credit, personal, financial, or confidential information). To find directions for permanently removing your personal information from a mobile phone before you donate, exchange or recycle visit Recellular.
Remember that email is more like sending a postcard rather than a letter in a sealed envelope where only someone opening the envelope can read the letter. Postcards and emails can be read by anyone who happens to see it if they know how to read it. Assume your emails are not private unless you encrypt them.
Remember that copies of email you download from a server to receive can be stored on the network server for a time period decided by the owner of the network such as your internet service provider or employer. There is not a federal minimum standard for the storage of electronic communications of citizens, clients, customers or employees.
Periodically check the “Sent Items” folder in your computer’s email program for any emails you did not send.
Many backdoor programs and Trojans require the internet user to open (click on) an email attachment. Remember to use your anti-virus software before opening email attachments. Other backdoor programs and Trojans can be hidden in downloads from the internet or copied to your hard drive by removable media. Backdoors and Trojans can allow a computer user at another location unauthorized use of your computer leaving no trace of how they entered, exited, or where they roamed. Once someone has access to your computer, they can send email from your computer as you, copy files, record where and when you went online, change or share information in your computer, and anything else you can do with your computer. Remember to disconnect the extension cable between your computer and modem when you are not using your computer. Backdoor programs and Trojans typically can’t function when an internet connection with your computer can’t be made. Even infectors with their own SMTP engine (internet connection) can’t function when the telecommunications cable is physically disconnected.
Instruct your email program to not automatically display the email text in the preview pane. One technique of spammers using phishing scams is the blank email (no text message and no suspicious link). When you open the blank email to read it, a script can be automatically installed that is programmed to do whatever the scriptwriter tells it to do. Some scripts do nothing until you try to do your banking online. These scripts typically do one of two things. Either it redirects your browser to a fraudulent website or it allows you to do your banking but discreetly sends your personal information to a predetermined email or website address. Either way you may be the victim of identity theft.
Dangers of Wireless
If your home computer has the hardware for a wireless connection, even if you do not use this connection or do not have any internet access active, it is possible for someone to gain unauthorized access to your computer. Ask a trained computer service professional to disconnect this hardware if you do not use a wireless connection and do not know how to do this yourself.
Try not to use computers shared with others at cybercafes, hotels, libraries or airports to access information that require a personal identification and/or password at financial, banking or shopping websites. You really do not have a way of knowing for sure if the publicly available network is supervised or “cleaned” after each user to maintain personal privacy. The network owner may not know an infector or spyware is installed that can make your personal information available. Another user may search the history or cache looking for available information. Of course this may not be true at the public network you use but you do not have an effective way to be sure.
Lock your laptop computer especially in crowded public places. Think of your laptop as “bulky cash”. If you would not leave cash somewhere, don’t leave your laptop there including an unattended vehicle. There are hardware devices that will send a homing signal when the device is improperly opened. There are software programs that will contact the location you specify when setting-up the software through the internet or email after someone uses an incorrect password. Consider what kind of security is suitable for you.
Decide which information, pictures, correspondence and records you definitely can’t take a chance losing, being distributed, altered or destroyed. Keep those files on removable media or an external drive so you can use them but don’t attach that drive to your computer while your wireless connection is active or the modem cable is attached. Remember to back-up your files to removable media in a safe place that are stored on an external drive or removable media.
Remember, if you do not use the hardware or software installed on your home computer, turn it off, close it, disable it or uninstall it. The only electronic device or computer 100% secure is the one not connected to the internet. The more secure your home computer is, the less convenient it will be for you to use. Each internet user is responsible for deciding and setting their most important individual priorities.
Cybercrime is minimized when each internet user is aware of these risks for a good portion of the time their computer is connected to the internet. This is not different than neighborhood residents getting together and watching out for each other to prevent and limit neighborhood crime.
For more information on wireless security, see this article on WEP, WPA and WPA2.
This article has been placed in our archives.