Security Index

Security News has the latest security and hacker related news stories.

Microsoft Updates
To have Windows install important updates as they become available, turn on automatic updating. Important updates provide significant benefits, such as improved security and reliability. You can also set Windows to automatically install recommended updates, which can address non-critical problems. Optional updates are not downloaded or installed automatically.

Personal Firewalls
Many personal computer operating systems include software-based firewalls to protect against threats from the Internet. Firewalls help monitor your system's communication between your network and the Internet to help stop intrusions and attacks. They are particularly useful for controlling the activities of Internet facing applications. An excellent review – with download links – of free firewalls (and free security suites) is available here.

Security suites
Security suites (which combine anti-virus, anti-malware and firewall into one product) have now overtaken the market and almost replaced individual anti-malware products. For most computer users these are a logical choice, but in some ways they are a trade off – one products anti-virus is very good while the anti-spam or firewall is average. In most cases they work well enough, but if you need to upgrade to a paid for solution, that is nearly always rated number 1, then why not try Kaspersky.

Antivirus software
Below is a list of five major labs that test anti malware products.
All are associated with the Anti-Malware Testing Standards Organization [AMTSO]

Malware is literally any software with malicious intent.
  • Viruses
    Many virus threats exist today. With most people having 24/7 connections, this is a very important line of defense.

  • Spyware
    Spyware has been around for many years, yet today it remains one of the most unresolved and pervasive problems for computer users. Essentially, spyware can be classified into seven separate groups based on the underlying technology that it employs.

  • Trojans
    The security risks associated with Trojan Horses are becoming more serious and widespread each day.

  • Worms
    Computer worms are not ordinary viruses. Their ability to spread quickly across the Internet has made worms the weapon of choice for malicious vandals to spread their latest creations. Virusall gives a great explanation of the various types of worms that you may come across.

  • Rootkits
    Rootkits can cause serious damage to a system and, if allowed to take hold, can force you to completely reformat your computer. However, sensible security precautions, properly patched operating systems and applications, and up-to-date security software will go a long way towards preventing rootkits from gaining access to your system. There are a couple of dedicated programs that can detect whether a rootkit is present on a system.
Secure Email Provider
HushMail is a web-based secure email system that allows free accounts. The problem is that even though it's located in Canada, it is not secure. If you need it then pay for it and use

Desk Top Security
Security is also an important issue from the "physical" aspect. Not all dangers to your information will be from "cyberspace". Security Administrator is a nice password-protected security utility that enables you to impose a variety of access restrictions to protect your privacy and stop others from tampering with your PC.

If you ask me what am I afraid most when it comes to computer security threats and my answer would be a keylogger. Although I am using LastPass to auto login to websites, there are still risks when it comes to applications such as Windows Live Messenger, Google Talk, CuteFTP or TrueCrypt. One of the possible solution is to use KeyScrambler to encrypt your keystrokes deep in the kernel, foiling keylogging attacks with scrambled, undecipherable data. Read the full blog report on KeyScrambler.

Disk Encryption
PGP is a file encryption programme which is generally considered unbreakable. While it was free it was used extensively on the Internet, available for almost every platform. Sadly this is no longer the case so we now use an alternative. Gpg4win (GNU Privacy Guard for Windows) is Free Software and can be installed with just a few mouse clicks.

File Encryption
True Crypt is a free open source on-the-fly encryption (OTFE) program for Microsoft Windows and Linux. It allows you to create a virtual encrypted disk (TrueCrypt volume) within a file and then mount it as a real disk. TrueCrypt can also encrypt an entire hard disk partition or a storage device/medium, such as floppy disk or USB memory stick. Everything stored on a TrueCrypt volume is entirely encrypted (i.e., including file names and folder names). TrueCrypt volumes behave as real physical disk drives. More at the True Crypt website. GnuPG is an open-source volume and individual file encryption tool with support for a dozen encryption schemes, paired keys, and expiring signatures. If you would like to compare disk encryption software then again we go to Wikipedia for an excellent comparison of technical features.

File Wiping
Even if you never forget to re-encrypt and wipe every file after use, editors and other programmes may leave temporary files behind. A normal "delete" does not actually erase files. The data itself remains on the disk, it"s just not part of a file anymore. By using a wiper, the data is replaced with random junk first. This prevents undelete utilities from restoring your erased files. DBAN (Darik's Boot and Nuke) is designed to securely erase a hard disk until data is permanently removed and no longer recoverable, which is achieved by overwriting the data with random numbers (7 passes). DBAN can be booted from a floppy disk, CD, DVD, or USB flash drive. Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Another useful wiper is Active @ Kill Disk.
Why a normal delete is not sufficient.

In today's information society, cryptography has become one of the main tools for privacy, trust, access control, electronic payments, corporate security, and countless other fields. The use of cryptography is no longer a privilege reserved for governments and highly skilled specialists, but is becoming available for everyone.

Fujitsu Laboratories Achieve World Record Cryptanalysis of Next-Generation Cryptography
Fujitsu Laboratories broke a world cryptography record with the successful cryptanalysis of a 278-digit [923-bit] long pairing-based cryptography, which is now becoming the next generation cryptography standard. Until now, cryptanalysis of pairing-based cryptography of this length was thought impossible as it was estimated to take several hundred thousand years to break. This result is used as the basis of selecting secure encryption technology, and is proving useful in the standardization of next-generation cryptography in electronic government systems in Japan and international standardization organizations.

This SSD will self-destruct in zero seconds
RunCore has announced a new range of solid state drives with physical "self-destruct" buttons. Wiping sensitive data from your computer isn't as simple as emptying the Recycle Bin. Deleted files are still recoverable, especially in the hands of someone who knows their way around a computer. RunCore's nVincible Solid State Drives come with the unique ability to phsycially destroy data at the push of an externally–mounted button. Not quite there with the "press any key" solution, but we are getting closer... read more here

Encrypted Desktop Hard Drive with PIN Access
Many of us (if not all) that have an SSD drive only use it for our Operating System and other programmes. All of our other content (photos, documents, etc), whether it is business or personal, is stored on a seperate hard disk drive. These drives are usually mounted in the same tower as our SSD. But for many users (especially those that only have a laptop) this is not a practical solution and an external HDD is required. I also store my system image on my external drive, so that in the event of any computer disaster I am able to set up again very quickly without losing anything.
The Aegis Padlock DT – USB 3.0 Desktop Drive is a secure external drive that offers the user a choice of real-time 128-bit or 256-bit Military Grade AES-XTS Hardware Encryption. It comes with many other features that make it very useable... read more here.

PS. It is not cheap, but, what price would you be prepared to pay to recover everything you lost!!!

Vanish.Org Copyright © 2012 All rights reserved