How do I get sensible advice?
site is a good starting point. Don't even think of connecting to
the internet without first thinking of which antivirus and firewall
software you're going to use from the start. And read up on the
differences between viruses, trojans, spyware, keyloggers, ransomware and other
nasties. Also remember the paper - identity theft is much easier
and more lucrative if you throw away documents that could help
criminals to open accounts in your name, falsely tell financial
institutions you've moved etc. Get a shredder! Security is
basically about being sensible and having multiple defences, including
data backups somewhere else - not just on or beside the computer.
How do I keep my files private?
You can set up multiple user accounts in Windows, protected by passwords. But
it's a lot simpler having one account used by everyone. If you
have multiple accounts all sorts of things you'd
hope would be common to other accounts aren't. And multiple
accounts can give a false sense of security - it's quite easy to boot
up a machine from a Linux CD and
grab things from the hard disk without needing to run Windows at all. I
once got 200Gb off an ailing laptop that way for a friend before
doing a factory reset (and losing all the data on the C drive). It's hard
to run Windows 10 without setting up a Microsoft account with a password
you use on start-up, but don't think that alone makes you secure.
How do I stop my computer getting infected?
It's not easy because there are lots of nasty people out there trying
to steal from you. It's not just Windows you need to keep up to date -
browsers and their plugins, music players, PDF readers and so on can
also provide routes for infection, even on Macs and Linux machines.
Make sure you are getting Windows security updates automatically (it's
compulsory in Win 10) and that you have security software active and up
to date. There is free security software around and Windows has a basic
firewall built in but I gave up on the free stuff ages back, except for
tablets and phones. I've used Kaspersky, BitDefender and McAfee recently
but do read the reviews before deciding which to go for - there are lots of
security suites. And check multiple PC licences and prices - at renewal
Kaspersky wanted 3 times more from me than going online and buying the
same thing new.
Avoid sites that let you download illegal copies of music tracks, films,
software etc. They tend to leave your computer in a mess with
secretly downloaded nasties of various kinds.
Before you download any software, search its name in Google followed by
"spyware" or "problem" - if it's dubious there will be entries from
angry people who had to clean up after downloading it. Also stick
to reliable download sites such as sourceforge.net. Some less reputable installers slip all sorts of
nasties onto your computer if you're not vigilant. Some, eg CNET, tend to try to
install unwanted toolbars etc as part of an unrelated program install.
Quite a common source of infections now is a phone call "from Microsoft" or whatever.
If someone you don't know wants remote access to your computer it's probably to infect
it, not fix anything. I just ask them if they find it hard getting to sleep, knowing they've
got to go to work trying to scam people the next day - they soon go away.
Another increasingly common problem is where people fall victim to ransomware. Once
installed, by whatever nefarious means, it typically encrypts documents and photos
and offers to provide the decryption key in exchange for money. It is very important to
make yourself immune to this, basically by having up to date copies of your data all
over the place. If I found my data files had been encrypted I would detach the computer
from the network, eradicate the ransomware and delete all the encrypted documents and photos.
Then I'd refresh the data from the nearest uncorrupted source - the laptop downstairs, an
external drive (never leave these attached) or from the cloud (Carbonite).
How do I make sure my passwords aren't being sent to criminals in Eastern Europe?
The firewalls built into Windows are quite limited, eg not checking
outgoing traffic, so get a proper firewall. The bad guys are
always trying to take over your PC. Routers contain a
firewall that typically hides the computers connected to them from the
outside world and also ignores unsolicited incoming traffic.
It's also a very good idea to run a software firewall on each computer, eg
as part of a security suite.
Remember that banks, eBay, PayPal etc would never ever send you an
email asking for passwords. And that strangers asking for your
bank details generally want to get money out, not put it in. Giving them login details or transferring money
electronically to their instructions is rather like giving your house keys to a plausible stranger at the airport as you leave on holiday.
It can be hard to tell with some emails but in any case never click on
an email link to go anywhere sensitive (eg a bank account).
Instead go and log in from your browser in the normal way.
I find an effective way of using lots of different passwords (to
confuse the thieves trying to listen in) is to keep a list of them in a
text file on your computer. Obviously you don't list the passwords
themselves but hints that mean something only to you. Eg if you had a
memorable stay at the Hotel Kolping in Linz your password list could
show "amazon, main email, linz825!!!", "almeida, gmail, 9732linz%%%" etc.
Only you know to substitute kolping for linz when logging into a site. I
have several substitute clues like that and a different password for
every site I'm registered with.
Nowadays the experts say that the key to a really secure password
is simply its length. If criminals steal an encrypted file of
passwords from some retailer (as they often seem to) they will go
through it with brute force techniques. If your password is 123456
or password it will be cracked very quickly indeed. If it's
721kolping465!!! that's 16 characters and they'll simply give up
and move on to the next one. For passwords that really matter, eg for
email accounts, use 2 step authentication wherever it is available. Eg
nobody can log into either of our main email accounts, even if they
knew the password, without entering a code texted to my mobile phone.
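The brute-force arithmetic behind the password-length advice above, as an added example that is not part of the original page: it estimates the worst-case search time for the sample passwords quoted here. The guess rate and the short common-password set are assumptions chosen for illustration.

```python
import string

# Constructed sample of passwords attackers try first (assumption; real
# cracking wordlists hold millions of entries).
COMMON = {"123456", "password", "qwerty", "letmein"}

# Assumed offline guess rate against a fast, unsalted hash (illustrative).
GUESSES_PER_SECOND = 1e10
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def alphabet_size(pw):
    """Size of the character pool an exhaustive search must cover."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation)
    size = sum(len(pool) for pool in pools if any(c in pool for c in pw))
    # Anything outside printable ASCII: count a rough extra pool (assumption).
    if any(all(c not in pool for pool in pools) for c in pw):
        size += 100
    return size

def brute_force_seconds(pw):
    """Worst-case time to try every string of this length over its pool."""
    if pw.lower() in COMMON:
        return 0.0  # found by wordlist lookup before any search starts
    return alphabet_size(pw) ** len(pw) / GUESSES_PER_SECOND

def report(passwords):
    """Return (password, length, pool size, years to exhaust) per entry."""
    return [(pw, len(pw), alphabet_size(pw),
             brute_force_seconds(pw) / SECONDS_PER_YEAR) for pw in passwords]

if __name__ == "__main__":
    # Sample passwords are the ones quoted on the page, plus the bare word.
    for pw, length, pool, years in report(
            ["123456", "password", "kolping", "721kolping465!!!"]):
        print(f"{pw!r:20} len={length:2} pool={pool:3} ~{years:.3g} years")
```

The figure is a ceiling: it assumes every combination has to be tried, so a password built from a dictionary word and predictable digits falls sooner than the number suggests. A slow password hash on the retailer's side lowers the guess rate and pushes the figure the other way.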
Can I trust online banking?
That's a hard one, because potentially it's pretty insecure
accessing accounts over the internet and banks are getting tougher
about blaming people whose accounts are emptied. I'd certainly not use
my tablet or phone for online banking.
It is absolutely essential that nobody gets access to sign-on
passwords so never write them down and make sure your computer is
A practical way of being secure is to jumble up the order in
which you type in account numbers etc. For example if you need to type in
011576312, put in the last few numbers first then use your mouse to
click at the start and enter the rest of the numbers. This should
confuse anybody listening in via a keystroke logger as they are
unlikely to be able to interpret the meaning of the mouse
click. You should also go to a banking site via a
favourites link or icon - don't key in giveaways such as "natwest.com"
followed by a series of numbers and letters as you log in.
An additional way to confuse keyloggers is to keep clicking on random
places on the web login page (not in the data boxes) and typing extra
characters as well as moving around the boxes on the form. The web page
discards those key strokes but the keylogger faithfully records
them. Then even a keylogger that takes a screenshot of the page,
perhaps when it first appears then as you finish, will find it hard to
guess which characters were your password of all those it logged.
If you assume there is a keylogger on your PC which records key strokes
and mouse clicks and also takes occasional screenshots you should be
able to outwit it with this technique, although my son said it might be
possible to intercept just what's actually being sent out by the browser.
Do not assume that the Windows on-screen keyboard will confuse
keyloggers - apparently they all log that one too.
Banks are getting much better at asking things like "2nd, 5th
& 9th characters from your password". Three of our online accounts now also
have little card readers used when
setting up new payees etc - that's fairly secure, although it does mean
banks are passing responsibility for online fraud to their customers.
Eg if you don't have decent security measures in place they'll feel
quite happy saying "your fault, nothing to do with us" if your account
How do I stop people sharing my wifi connection?
To stop malicious intrusions change the router system password
(the one that starts out as "admin", "password" etc). It's amazing how many people
leave this unchanged (and highly insecure).
To stop a neighbour using your connection enable encryption in
the router (WPA, ideally WPA2, is much more secure than WEP, which is relatively
easily bypassed) and use a long passkey with mixed letters, numbers etc.
Ours is along the lines of 8Grand7Old6Duke5of4York - not easily guessable or crackable.
Because you're going to have to tell the passkey to visitors over time, make sure
it's very different from passwords you use for banking and other logins - they're private
to you. A while back a friend said her internet had gone horribly slow and might it be the students
renting the top floor next door? I put a biscuit tin lid between the router and the party wall and
suddenly the internet was full speed again! They'd probably been downloading films etc.
Then I changed the passkey from WEP to WPA - no more problems.
There is also a possibility of a neighbour on the same phase electricity supply connecting to your Powerline (Homeplug) network
but most experts say the signal doesn't go past the meter and most Powerline units also offer encryption.