This blog complements my book, The Essential Guide to Home Computer Security, to help you keep your home computers and smartphones secure.

Friday, 29 November 2013

Secure your Passwords, and your digital legacy, with PasswordBox

Password management software company PasswordBox appears to have quickly spent some of its recent $6M funding on acquiring a complementary offering. 'Legacy Locker' is a digital afterlife service that – should you pass on without passing on your passwords – grants access to your online assets to friends and loved ones.

PasswordBox is another member of the important set of software that helps you manage your passwords. Definitely worth checking out.

Monday, 18 November 2013

Beware 'Ransomware' targeting UK computer users and SMEs

The UK's National Crime Agency (NCA) has warned of a 'significant risk' from emails with an attachment that, if launched, runs malware known as Cryptolocker. Cryptolocker encrypts the user’s files on the infected machine and demands payment to recover the data - an attack known as ransomware. The NCA points out that this spamming campaign is particularly targeting SMEs (presumably because of the type of message and fake attachment).

The usual advice to protect yourself applies including: ensure anti-virus is up to date; back up data; and don't open attachments if you have any doubts at all about their origin.

Saturday, 24 August 2013

Beware phone calls claiming you have a problem with your computer

I popped home at lunch-time and the phone rang. I only heard a few words before I impolitely put the receiver down, cutting poor 'Alan' off in mid call-centre spiel. He claimed to be from the Global Security Department and his next sentence would have been to say they had found a problem with my PC and its internet connection. Very soon he would have wanted remote access to fix it but instead would have installed malicious software.

I noticed a story in a local paper just recently where a gentleman was nearly taken in by such a scam but managed to stop it just in time. And this isn't the first time I have received such a call. It behoves us all to spread the word about this dangerous practice.

Thursday, 13 June 2013

10 Android Security Applications for Mobile Devices

Android has become a major target for malicious software - this eWEEK slide show covers 10 different security applications designed for Android 10 Android Security Applications to Keep Your Mobile Devices Safe. If you have an Android device you should be using something from this list.

Tuesday, 21 May 2013

Social media plagued by privacy problems, say researchers

Social media is plagued by privacy problems, according to researchers at Lancaster University who reviewed the privacy management of 16 popular social networking sites, including Facebook and Twitter. The interesting point in their work is that there is a disconnect between the published privacy policies and the options provided to users to control their privacy. I noted in my book that privacy controls on many sites are not obvious to the user. It now seems that what controls that do exist are not traceable back to the published privacy policies. I hope the research leads to a more transparent way for privacy permissions to be governed.

Friday, 3 May 2013

13 Million Facebook Users Haven't Touched Their Privacy Settings

Apparently 13 Million Facebook Users Haven't Touched Their Privacy Settings. And as I mention in my book, it's not in the interests of social media companies like Facebook, to have the defaults as private as you might like. So let's get that number down. Go and check your privacy settings now. If you are not sure how, go into the Facebook help centre, and click on 'Privacy'.

Thursday, 25 April 2013

The Best Browser Extensions for Security and Privacy

A thorough article from Lifehacker - The Best Browser Extensions that Protect Your Privacy:
But note that some of these tools need to be used carefully as they can cause some browser hiccups.
In summary:

Block Ads, Scripts, and Popups with AdBlock Plus

Stop Everyone from Tracking You with Disconnect

In addition to privacy protecting tools and ad blockers, Lifehacker documents some other add-ons, utilities, and services worth considering if you have the other bases covered including:

HTTPS Everywhere (for Firefox/Chrome) which will try to find secure versions of the sites you visit.

And Hotspot ShieldHideman, or Tunnelbear. for a Virtual Private Network or VPN. This encrypts all of your internet traffic.

Thursday, 18 April 2013

The Best Antivirus App for Windows - from Lifehacker

The lifehacker website has changed its recommended anti-virus app for Windows. They recommend Avast Free Antivirus for the best balance between protection, ease of use, and cost. Their former favourite, Microsoft Security Essentials (also known as Windows Defender in Windows 8), has not been performing well enough in tests to keep its top ranking. For more information, see the lifehacker report The Best Antivirus App for Windows

Thursday, 4 April 2013

Don't click on suspicious links - even in Skype messages

The usual warning is not to click on suspicious links in emails. Now an attack has been found where a compromised Skype account is used to send out a message containing a web link. If the link is clicked on, the user can be infected by some nasty malware which, apparently, are not detected by some anti-virus software. The Skype message is very simple - it contains just one shortened link. So be careful with links on Skype - try to make sure there is a real person behind any message before you click.

Sunday, 31 March 2013

App Security Provider MyPermissions Raises $1M in Funding

A company providing a service that allows users to police access to their personal data has raised $1million. The only surprise here is how little this is. By linking directly to application permission pages for services like Facebook, Twitter and Google, it alerts the consumer when an app access their personal data, giving them control over their personal information. Great idea. App Security Provider MyPermissions Secures $1M in Funding

Tuesday, 26 March 2013

Latest Advice on Browser Security Settings

The Veracode blog, 'All Things Security', has provided a useful set of security settings for 3 popular browsers: Google Chrome, Mozilla Firefox and MS Internet Explorer 10. It's interesting to see the 3 together and the different ways each has to control security and privacy. In Chrome you select 'Settings' and then click on 'Show Advanced Settings' - hidden at the bottom of the screen. In Firefox they are in the 'Options' menu under tabs 'Security' and 'Privacy'. In IE10 you click on Internet Options where there are tabs again for 'Security' and 'Privacy', but you also need to go to the 'Advanced' tab and scroll down to 'Security' there. Veracode have suggested turning off Javascript but this makes most sites unusable. As ever, security is a trade-off!

Wednesday, 6 March 2013

eCrime Wales - excellent cyber security resource

Have to give top marks for the eCrime Wales website. Full of useful info, helpful videos and a link to report eCrime if you become a victim.

Monday, 4 March 2013

Would you let your children wander a red light district?

Some of our children's friends were given tablets for Xmas and it just came to light that some of them still have no parental control software installed. The analogy here is: would you let your children wander a red light district? They would certainly see inappropriate things by accident, and older ones might be tempted to indulge their natural curiosity. It doesn't take long to install something like K9 from the Android Play store, or from the Apple Appstore, to make sure their web browsing is suitably filtered.

Saturday, 2 March 2013

Essential Home Computer Security - Protect your Children

I've just published a post with my top 10 tips for home computer security. They cover the basic activities that everyone should be aware of, and follow. However I did miss something very important. It only applies to families, and it's easy to overlook as children grow up and start to access the internet. It is essential that they are protected from accidental, and deliberate, access to inappropriate material. Free e-safety applications such as K9 should be used to filter web browsing. If you have children accessing the internet this is your priority.

Wednesday, 27 February 2013

Top 10 Tips for Home Computer Security

My latest post on the BT Let's Talk Security blog contains my top 10 tips for home computer security. I've tried to condense key messages from my book into 10 short sentences, in the hope that they can be disseminated and digested more easily. They are also available on the document site scribd.

This is all part of my cunning plan - better home computer security can also provide better security for businesses. Businesses should have a strong interest in making sure their staff understand computer security and apply it at home, and thereby also at work.

If anyone has any thoughts on encouraging this synergy I would be very pleased to hear them.

Monday, 11 February 2013

Enterprise Security Begins at Home

From my contribution to BT's blog - Let's Talk Security - the first of a four part series on home security and how it relates to wider cyber security issues.

Tuesday, 22 January 2013

Beware of fake Java updates

And of course, attackers will take advantage of that ignorance. Beware of fake Java updates - new malware is posing as a Java update to fix recent vulnerabilities.

Monday, 21 January 2013

Java - Obscured Security for Home Users

For cyber security people (securitists?) there has been a lot of discussion about whether Java should be disabled for security reasons. I think that many non-expert home users have no idea what Java is, whether they use it regularly, or whether they even have it. Discussing security in this way does not help those users who really need it. The relation who asked me what a reboot was is not going to appreciate Java. Basically it's a system that allows a website to run software on your machine. Usually that's a bad idea, because if something or someone can run software on your machine they can do pretty much what they like. In fact it is the goal of a lot of hacking attempts. But Java is designed to resist this, and is constrained as to what it can do to your computer. Except however when a flaw is found and isn't fixed quickly. If you want to how to disable it in your browser (probably the biggest risk) - try this link to the Sophos website.