How do I get sensible advice?
site is a good starting point. And
the Safety Detectives guide on children streaming content
is a good resource if you
have children. It's very diffcult nowadays to restrict what a clever 13 year old can find on the internet
except through discussion and education. You need trust, not heavy enforcement!
Don't even think of connecting to
the internet without first thinking of which anti virus and firewall
software you're going to use from the start. And read up on the
differences between viruses, trojans, spyware, keyloggers, encryption ransomware and other
nasties. Also remember the paper - identity theft is much easier
and more lucrative if you throw away documents that could help
criminals to open accounts in your name, falsely tell financial
institutions you've moved etc. Get a shredder! Security is
basically about being sensible and having multiple defences, including
data backups somewhere else - not just on or beside the computer.
Here's a link to an interesting
Internet Safety Guide
. It majors on VPNs.
How do I keep my files private?
You can set up multiple user accounts in Windows, protected by passwords. But
it's a lot simpler having one account used by everyone. If you
have multiple accounts all sorts of things you'd
hope would be common to other accounts aren't. And multiple
accounts can give a false sense of security - it's quite easy to boot
up a machine from a Linux CD and grab things from the hard disk without
needing to run Windows at all. I once got 200GB, mainly videos of her
grandchildren, off an ailing laptop that way for a friend before
doing a factory reset (and losing all the data on the C drive).
How do I stop my computer getting infected?
It's not easy because there are lots of nasty people out there trying
to steal from you. It's not just Windows you need to keep up to date -
browsers and their plugins, music players, pdf readers and so on can
also provide infection options, even on Macs and Linux machines.
Nowadays we've got all sorts of weird security vulnerabilities that
might give access to criminals. Krack, Spectre and Meltdown all leave
us dependent on suppliers to fix the problem.
Make sure you are getting Windows security updates automatically (it's
compulsory in Win 10) and that you have security software active and up
to date. There is free security software around and Windows has a basic
firewall built in but I gave up on the free stuff ages back, except for
tablets and phones. I've only used Kaspersky in recent years
but do read the reviews before deciding which to go for - there are lots of
security suites. And check multiple PC licences and prices.
Avoid sites that let you download illegal copies of music tracks, films,
software etc. They tend to leave your computer in a mess with
secretly downloaded nasties of various kinds.
Before you download any software, search its name in Google followed by
"problem" - if it's dubious there will be entries from
angry people who had to clean up after downloading it. Also stick
to reliable download sites such as sourceforge.net. Some less reputable installers slip all sorts of
nasties onto your computer if you're not vigilant. Some, eg CNET, tend to try to
install unwanted toolbars etc as part of an unrelated program install.
Quite a common source of infections now is a phone call "from Microsoft" or whatever.
If someone you don't know wants remote access to your computer it's probably to infect
it, not fix anything. I just ask them if they find it hard getting to sleep, knowing they've
got to go to work trying to scam people again the next day - they soon hang up.
Another increasingly common problem is where people fall victim to ransomware. Once
installed, by whatever nefarious means, it typically encrypts documents and photos
and offers to provide the decryption key in exchange for money. It is very important to
make yourself immune to this, basically by having up to date copies of your data all
over the place. If I found my data files had been encrypted I would detach the computer
from the network, eradicate the ransomware and delete all the encrypted documents and photos.
Then I'd refresh the data from the nearest uncorrupted source - the laptop, an
external drive (never leave these attached) or from the cloud (Dropbox Plus with file
How do I make sure my passwords aren't being sent to criminals in Eastern Europe?
The firewall built into Windows is quite limited, so get a proper firewall.
The bad guys are always trying to take over your PC. Routers contain a
firewall that typically hides the computers connected to them from the
outside world and also ignores unsolicited incoming traffic.
It's also a very good idea to run a software firewall on each computer, eg
as part of a security suite.
Remember that banks, eBay, PayPal etc would never ever send you an
email asking for passwords. And that strangers asking for your
bank details generally want to get money out, not put it in.
Giving them login details or transferring money electronically
on their instructions is rather like giving your house keys to a
plausible stranger at the airport as you leave on holiday.
It can be hard to tell with some emails but in any case never click on
an email link to go anywhere sensitive (eg a bank account).
Instead go and log in from your browser in the normal way,
ideally from a bookmark.
I find an effective way of using lots of different passwords (to
confuse the thieves trying to listen in) is to keep a list of them in a
text file on your computer. Obviously you don't list the passwords
themselves but hints that mean something only to you. Eg if you had a
memorable stay at the Hotel Kolping in Linz your password list could
show "amazon, main email, linz825!!!", "almeida, gmail, 9732linz%%%" etc.
Only you know to substitute kolping for linz when logging into a site. We
have several substitute clues like that and a different password for
every single site we're registered with.
Nowadays the experts say that the key to a really secure password
is simply its length. If criminals steal an encrypted file of
passwords from some retailer (as they often seem to) they will go
through it with brute force techniques. If your password is 123456
or password it will be cracked very quickly indeed. If it's
721kolping465!!! that's 16 characters and they'll simply give up
and move on to the next one. For passwords that really matter, eg for
email accounts, use 2 step authentication wherever it is available. Eg
nobody can log into either of our main email accounts, even if they
knew the password, without entering a code texted to my mobile phone.
Can I trust online banking?
That's a hard one, because potentially it's pretty insecure
accessing accounts over the internet and banks are getting tougher
about blaming people whose accounts are emptied. I'd certainly not use
my tablet or phone for online banking. So the answer is "no".
It is absolutely essential that nobody gets access to sign-on
passwords so never write them down and make sure your computer is
A simple way to confuse some keyloggers is to keep clicking on random
places on the web login page (not in the data boxes) and typing extra
characters as well as moving around the boxes on the form. The web page
discards those key strokes but many keyloggers will faithfully record
them. If you assume there is a keylogger on your PC which records key strokes
and mouse clicks and also takes occasional screenshots you should be
able to outwit it with this technique, although my son said it might be
possible to intercept just what's actually being sent out by the browser.
Do not assume that the Windows on-screen keyboard will confuse
keyloggers - apparently they all log that one too.
Banks are getting much better at asking things like "2nd, 5th
& 9th characters from your password". Two of our online accounts now also
have little card readers used when
setting up new payees etc - that's fairly secure, although it does mean
banks are passing responsibility for online fraud to their customers.
Eg if you don't have decent security measures in place they'll feel
quite happy saying "your fault, nothing to do with us" if your account
gets emptied. They'd probably say the same if you were kidnapped on holiday
and imprisoned until you'd emptied all your accounts for the baddies.
How do I stop people sharing my wifi connection?
To stop malicious intrusions change the router system password
(the one that starts out as "admin", "password" etc). It's amazing how many people
leave this unchanged (and highly insecure).
To stop a neighbour using your connection enable WPA2 encryption in
the router and use a long passkey with mixed letters, numbers etc.
Ours is along the lines of 8Grand7Old6Duke5of4York - not easily guessable or crackable.
Because you're going to have to tell the passkey to visitors over time, make sure
it's very different from passwords you use for banking and other logins - they're private
to you. A while back a friend said her internet had gone horribly slow and might it be the students
renting the top floor next door? I put a biscuit tin lid between the router and the party wall and
suddenly the internet was full speed again! They'd probably been downloading films etc.
Then I changed the passkey from highly insecure WEP to WPA - no more problems.
There is also a possibility of a neighbour on the same phase electricity supply
connecting to your Powerline network but most experts say the signal doesn't go
past the meter and most Powerline units also offer encryption.