Despite my suggestion that everyone uses a password manager to generate unique, complex and long passwords, few do (excluding those who have already been subject to a breach). For such people an alternative (or better yet, an addition) exists: Two Factor verification, a.k.a. 2-Step Authentication.
This allows access to be granted based not just on a password but also on some other mechanism – perhaps fingerprint recognition, a telephone call, e-mail or, most often, an SMS text message. This need not be too burdensome as it can usually be disabled for your home computer.
This is offered by most major sites including
If you are travelling away from home this avoids having your account blocked when the site you want to access detects that you have an unusual IP address.
Other essentials for travellers include installing Prey on your mobile device and buying a sturdy Kensington lock. And don't forget to (re)read Precautions for loss or theft of tablets and mobile devices.
There is a new computer virus in town that I want to highlight to readers of this space. In a nutshell, if you get it, many of your files will be encrypted so that you cannot read them unless you pay a ransom. Unlike all other viruses I have encountered before, once you are infected it is too late for me or anyone (except the blackmailer) to recover them for you. Hence, please follow this suggestion.
The normal rules of avoiding infection still apply:
Now there's one other step. Download and execute a program that will lock your computer against the currently known variations of CryptoLocker and other similar viruses. This is available free from
There is one more protection that it is wise to take: retain a backup copy of your files that is not directly accessible - either online, or using software that retains versions, or in a proprietary format.
If your PC is running on Windows XP this would be a good time to consider its future. This is driven by Microsoft announcing that all support for XP and Office 2003 will cease on 8th April 2014. That means they will not be publishing patches to security vulnerabilities.
What’s the big deal, I hear you say? Well, any fraudster discovering a way into your computer will not be releasing their virus now; they will be waiting for April, as Microsoft have told the world that no more fixes will be released – so they will have a free hand to steal identities, extort money and take control of compromised computers.
Not only that, when a security flaw for Windows Vista or 7 is found Microsoft will be releasing a patch to fix it. That patch, it is said, will be reverse engineered by the bad people so that they can then target XP computers with the same attack.
You may be thinking that you can rely on your Internet security program, but history shows that all the main suppliers will no longer support XP as there will be so few users that there will be no money in it for them. Your only hope will be the free anti-virus products, and none of them are anything like as secure as the paid-for Internet security suites, which themselves are necessarily less than 100% effective.
The only way to retain safe use of an XP computer would be to permanently disconnect it from the Internet. Don’t even leave it connected to your local area network as viruses can easily spread within a network. If you choose this course, reformat the disk and reinstall XP now as it is likely that patches and activation servers will not be available for too much longer.
Another consideration must be that at about 10 - 12 years old your hardware has already been running longer than expected. The time for it to fail must surely be imminent.
Upgrading to Windows 7 may be a possibility for some (upgrading to Windows 8 is not recommended), but given the risk of imminent hardware failure, the much improved experience with Windows 8, and the need for a clean install rather than an in-place upgrade, I suspect most people’s best option will be to buy new. If you do choose to upgrade, make sure that device drivers are available for the new version of Windows. Old XP applications can usually run in Windows 7 Professional’s XP Compatibility Mode, or you may choose to run XP in a virtual PC.
Reference: Microsoft Security Blog
Having updated an 8.0 system three times I have the following thoughts.
This is not a service pack or regular Windows update - it is a new installation; at the end you will be left with a C:\Windows.old folder.
I have a faster than average computer and a download speed of about 4.5 Mbps - for me the process took two and a half hours after I finished backing up.
It is always wise to take a backup before you make any change, especially one as major as this. If you absolutely can't take an image of your entire disk drive, then an absolute minimum must be all documents/photos/music/address books/emails etc. that you would hate to lose. I didn't have a problem with any of my three upgrades but I did a lot of background reading before I started and some people do run into problems.
The 3.5 GB download is only available from the Windows Store App (accessed from the Modern UI). It may take a couple of hours to download before asking questions. There were just 3 questions for me:
After the installation finished I had to reboot to get full Internet security protection back. Then I had to download and reinstall 8GadgetPack to get my clock, clipboard history and Twitter feed back. I also had to repin FreeCommander to my taskbar. Finally, I had to log a call with Dymo as their printer driver does not work with Windows 8.1 - their resolution has not fixed the problem either, the case is ongoing.
Reference: Updating to Windows 8.1 from Windows 8
The absolute best way to clean your computer of all sorts of malware is to pay me to do it, but what if you want a quick and dirty DIY approach?
Any of the following are apparent:
First, disconnect the computer from your network to prevent the infection spreading further. Do not power off as some attacks are triggered at boot time. Now locate another computer and download some tools onto a newly formatted USB pen drive:
Boot your computer into Safe mode (F8 will do this after the BIOS display and before Windows starts). Run MSCONFIG to toggle off all non-Microsoft services and startup programs, then reboot normally. Run each browser and disable add-ons you don't want. From the Control Panel uninstall any programs that are not there by your design. Delete the contents of your %TEMP% folder, then run CCleaner to delete those files you can. Now it's time to run Malwarebytes Anti-Malware *in full mode* - this will take an hour or two depending on the speed of your computer and number of files.
Reboot and now run TDSSKiller - this one's quick. After that run CCleaner again, but this time in Registry clean mode. Now go back to MSCONFIG to toggle on all those programs you earlier toggled off which you do want to continue running. Reboot. Now HijackThis can be used to point out anything that is left. If you are reading this you are probably not sufficiently experienced to differentiate good from bad, so websites such as http://www.hijackthis.de/en can give you a good idea.
Let's assume you have been successful in the above.
The above is a subset of what I would do having removed your hard disk drive and mounted it on a dedicated recovery rig. I would have taken an image of the disk initially, made multiple passes of the disk with different tools and confirmed that no other damage exists. However, the above is often sufficient to get you out of a hole. Sometimes, though, the damage is so great that only a reinstallation of Windows will suffice.
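For the MSCONFIG step in the procedure above, it helps to record what is set to start automatically before switching anything off, so you know what to switch back on afterwards. The following read-only PowerShell inventory is an added example, not part of the original post; it assumes PowerShell 3.0 or later and an elevated prompt, and the output folder and function names are illustrative.

```powershell
# Read-only inventory of auto-start entries and services; it changes nothing.
# Assumes PowerShell 3.0+ and an elevated prompt. Run it BEFORE using MSCONFIG.
# $OutDir is an assumed location; point it at the USB drive holding your tools.
$OutDir = Join-Path $env:USERPROFILE 'Desktop\startup-inventory'
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

function Get-ExePath([string]$CommandLine) {
    # Extract the executable from: "C:\a b\x.exe" /arg   or   C:\x.exe /arg
    if ($CommandLine -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($CommandLine -match '^\s*(.+?\.exe)\b') { return $Matches[1] }
    return ($CommandLine -split '\s+')[0]
}

function Get-Signer([string]$Path) {
    $Path = [Environment]::ExpandEnvironmentVariables($Path)
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) { return 'file not found' }
    # Caveat: catalog-signed Windows files can report NotSigned on older PowerShell.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') { return "unsigned or invalid ($($sig.Status))" }
    return $sig.SignerCertificate.Subject
}

# Programs launched at logon (Run keys and Startup folders).
$startup = Get-CimInstance Win32_StartupCommand | ForEach-Object {
    [pscustomobject]@{
        Kind = 'Startup'; Name = $_.Name; Location = $_.Location
        Command = $_.Command; Signer = Get-Signer (Get-ExePath $_.Command)
    }
}

# Services. Those hosted by svchost.exe show svchost's signer, not the DLL's.
$services = Get-CimInstance Win32_Service | Where-Object { $_.PathName } | ForEach-Object {
    [pscustomobject]@{
        Kind = 'Service'; Name = $_.Name
        Location = "StartMode=$($_.StartMode), State=$($_.State)"
        Command = $_.PathName; Signer = Get-Signer (Get-ExePath $_.PathName)
    }
}

# Keep the full record, then list only entries not signed by Microsoft for review.
$all = @($startup) + @($services)
$all | Export-Csv -Path (Join-Path $OutDir 'autostart.csv') -NoTypeInformation
$all | Where-Object { $_.Signer -notmatch 'O=Microsoft Corporation' } |
    Sort-Object Kind, Name |
    Format-Table Kind, Name, Signer, Command -AutoSize -Wrap
```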
There is a strong likelihood that at some stage of your Windows computer's life it will benefit from having software reinstalled. Getting the installation kit for most programs is fairly straightforward; locating the product key or serial number that enables the product to be activated is often challenging.
This would be a good time to make sure you have a note somewhere of the product keys. For many computers I can often glean this from Windows itself *if it is still functioning properly* but quite often the keys (that are held within the registry) get corrupted - perhaps at the time of an abrupt power down or by malware activity.
At times like this, for Windows, you can sometimes look on the back of the computer at the Certificate of Authenticity which contains a key. If your CoA sticker has become worn or defaced it may not be readable - hence, always make a note somewhere else.
Further, for some off-the-shelf mass-produced computers the key on the CoA is a generic one that cannot be used to reinstall Windows. For such systems, having the 'restore' CDs that came with the system, or that were available for you to create when it was new, will be essential.
If you own your home you probably have a Will written by your solicitor that instructs your executor how to dispose of your tangible assets when your number is up. But what to do with your Facebook, Twitter, LinkedIn, Google+, Pinterest and other social media accounts? Do you have e-books, photos or music stored in the cloud? What about the forums you have participated in? Without instructions your executors must guess at your wishes; without your passwords their hands are tied.
Consider creating an account at http://www.deadsoci.al/ where you can prepare a message to be posted after your demise. If you have a Google account (who doesn't?) then visit their Inactive Account Manager to tell them how to trigger your wishes regarding disposal of e-mail messages, Picasa albums, Drive documents, and other assets within their empire. Similarly, Facebook accounts can be memorialized but you must decide how to trigger that.
A Will is a publicly accessible document that is often onerous to modify - not to mention expensive. Therefore it is not an appropriate place to store your current passwords and after-life wishes. Instead consider a Letter of Wishes, which should be referenced in the Will but can be held and easily modified by you - perhaps in a cloud-stored file, the password to which can be disclosed to only the trusted few. This enables your executor to know to whom access should be granted or denied for each digital asset and gives them the ability to comply with your wishes by, perhaps, including the master password that unlocks your password management software (see my blog of 8-Jan-13).
Amazon, Apple and other such organisations typically sell you a license to use content - eBooks or iTunes perhaps, so after your death your estate does not have any rights to the content. You can however bequeath the Kindle or iPhone that holds such data to whomever you choose.
Act now before