Schneier on Security

I highly recommend www.bugmenot.com as well for a security measure. For anyone not familiar with it, it's a website that has a set of bogus logins/passwords to let you get around places like chicagotribune.com that ask you for a login simply to create marketing data. There is a Firefox/Mozilla extension for it that makes it extremely simple to use. Also, if you find a site that absolutely forces you to use a real email, look into one of the sites such as mailinator.com which provides a sort of generic mail-drop.

VMWare (or similar) is useful incase you want to run anything you don't 100% trust.

If I had my way, VMWare would be the only component of the 'host' and *everything* would run inside 'guest' sessions.

What is the benefit of deleting "command.exe" and "cmd.exe"?

Any reason why you can't use OpenOffice ( http://www.openoffice.org ) instead of Microsoft Office? I've switched to it on my desktop at work and haven't had any problems with any MS Office-generated documents so far.

To do a simple portscan of your computer (to test your firewall), google for "ShieldsUp"... It's written entirely in assembler or something weird like that, but the service has worked for me for years.

You missed the "Let a knowledgable person go over your computer every once in a while, so they can update your spyware detection software, make sure your computer is devoid of malware, delete temporary folders content and make sure the security settings haven't been altered" tip.

I see it as a sort of maintenance work. I manage my folks computers and a few friends', and once in a while I do a once-over. It takes about 15 minutes, and usually it goes without a hitch.

There should be a paid service offering you on-site computer security maintenance - one which you will pay if your machine is malware-free and if it's not the maintenance is free...

-- Arik

cmd.exe one of the few things I use on a regular basis in Windows. Can't live without the command line. Why get rid of it?

What about not running as Administrator? One of the things that greatly reduces the attack vector on Linux and Mac OSX is that the user you are normally logged in as doesn't have rights to install anything, or make any system wide changes. Do the same with Windows. Read Aron Margosis's excellent blog for tips on running as a non-Administrator. http://blogs.msdn.com/aaron_margosis If you're using XP Home, or XP Pro not a member of a domain, its even easier. Just use Fast User Switching if you need to do something as a non-Admin.

A very timely article for me since I will be seting up my brother-in-law's new PC in a couple of days!

I am surprised that you didn't tell people not to use the admin account for everyday tasks.

Any particular reason?

If you cant get rid of cmd.exe, rename it.

Why? Because it's powerfull "tool", many exloits uses cmd.exe.

Roger and Ben: I suspect both of you are at least up to the "power user" level where you're using the command line on a regular basis. In which case the advice doesn't really apply to you. However, most people never touch it. Some viruses (Code Red, for instance) make direct use of command.com/cmd.exe. If the user will never touch the command line, neither of these programs should be there.

For those who have asked about cmd.exe: I'm guessing that Bruce suggests deleting it because few users need it and it is a very common target for virii, worms, etc. to attack.

I frequently use cmd.exe so I'd never delete it. However, moving it to another directory or renaming it might suit just as well, since most malware will expect it to be at its normal location.

An interesting little anecdote: back in the days of Windows NT 4.0, I had forgotten my administrative password and needed it to install some software. Based on some advice I found quickly on the web, I backed up logon.scr and then renamed cmd.exe to logon.scr. Then I just logged out and waited 15 minutes, and presto! a command prompt appears. I then changed my password from the prompt (and running as Administrator, I was not required to know the previous one) and I was on my way again.

Anyway, that story is not really related to Bruce's suggestion. It's mostly the IIS-targeted exploits that attempt to use cmd.exe nowadays, I believe.

Your advice re: the bank's SSL vs non-SSL pages isn't quite right. It's perfectly OK to put your password into a non-SSL form IF IT SUBMITS to an SSL encrypted document. The POST request will be secure, even if the initial page is not. Granted, that's a bit beyond most users, but by default all browsers do warn you when you submit to a nonsecure page.. of course, that gets removed within the first couple times most people see it.

Good list of tips, I just wanted to throw this one in as an addendum to not using the admin account for everyday stuff:

If you run an OS with multiple accounts, create a non-admin, powerless user account and name it 'Admin', give it the most difficult password your OS will handle, then never use it and make sure that your actual admin account isn't called 'Admin'

I've seen many tools that include cmd.exe. Deleting it may give a false sense of security. The cmd.exe provided by the tool will run exactly as the cmd.exe that was removed.

You ask too much of common users. The average user is not only clueless, but they don't care to learn about technology and most refuse to pay anyone to setup and maintain their computer. Computers need to be greatly simplfied for the average user before any progress on general security is going to be made.

The average user is not aware of security issues created by their direct actions. Most assume an antivirus software and a firewall will protect them.

-Sandeep

PS: Firefox, Thunderbird?

JC: It's still a bad habit to enter passwords into non-SSL pages because you might be giving the pass to a typo-squatter or DNS hijacker unless you read the source to verify that the POST will go SSL to the expected site, with a valid cert. For most users that is an unreasonable expectation.

Wells Fargo is apparently ignorant of this issue, fortunately you can request their main page via HTTPS.

Warning: *Don't* try to break CD-ROMs. They shatter into flying shards and, well, you could put an eye out or something. Much better to microwave or shred them (on a device that supports that!).
///d@

I love bugmenot.com, and use it all the time. Someone wrote a Firefox extension that automatically grabs a random password from the site.

I should have mentioned it in the article. Next time....

"*Don't* try to break CD-ROMs."

I put them in a padded envelope and then break them. (Another thing to put in the next version of this piece.)

This isn't completely related to personal computer use, but don't store any personal information (namely address ) on a USB dongle or anything that accompanies your keys. If the keys are found by someone of ill intent, you might as well leave your front door open while you're home or office.

What is the advantage of using a credit card instead of a debit card?

This makes sense the other way round. With a debit card, the risk is limited to the balance on that card, and the card might be anonymous.

In the United States, consumers are legally liable for only up to $50 due to fraudulent credit card use. Debit cards don't have the same legal protection.

In other words, a stolen credit card can cost you a maximum of $50. A stolen debit card can cost you a lot more. (On the other hand, some debit card issuers limit the liability even though they aren't legally required to.)

The only problem I have with this article is the following: I don't know whether I should remember it as a quintessential example of a "well-paid-for" article or as a quintessential example of an article written by a complete lamer. Most likely, the former (considering the author)

'I'm stuck using Microsoft Windows and Office, but I use Opera for Web'

Ah - the height of spineless hypocrisy.

I use a program named Startpatrol on my Win98-PC. It runs in the background and displays a warning window whenever an unknown process starts or the various autostart areas of Windows are modified by a process.

Processes can be stopped by Startpatrol and modifications to the autostart areas can be prevented.

I think it's a good addition to firewall, anti-virus and anti-spyware programs - IIRC
it's even freeware.

In reply to Dithermaster and others about CD-ROMs

It is actually quite pointless breaking them or shreading them, the density of data they store means that quite a bit of data is still readable to somebody with the appropriate tools (which are not that expensive).

Untill the new Sony "Paper CDs" come along,

http://www.sony.net/SonyInfo/News/Press/200404/04-0415E/

(apparently they are burnable) the only effective way of removing data from CDs is "Slagging" this can either be in a sufficiently hot (and well ventilated) fire or in a microwave oven.

Two words of caution "Slagging" though, the materials used for CDs of all types decompose into some quite nasty gases that you most definatly do not want to breath in, this applies to both the fire and microwave. The second applies to microwaves, unless you want to damage it you would be well advised to do the following,

0,Get a seperate microwave oven to do it
1,Get a large plate of glass or ceramic
2,A glass or ceramic beaker/mug
3,About 1/4 pint of water.

The water goes in the beaker, the beaker goes on the plate the CD goes ontop of the beaker you do not use full power, and you watch from a safe distance. You microwave untill one of two things have happened (depends on the type of CD),

1, The reflective metal layer has burnt away
2, The CD has melted and deformed to such an extent that it is not optically usefull

If the CD starts to burn stop microwaving imediatly.

I would not advise cooking in the microwave after it has been used for Slagging as there are likley to be undesirable chemicals inside it that might be dificult to clean out.

Another source for basic information on
securing Windows is
"Securing Microsoft Windows (for Home and Small Business Users)" at:
http://www.dwheeler.com/essays/securing-windows.html

Besides the $50 fraud liability limit on credit cards in the US:

A debit card withdraws money directly from your checking account. Fraudulent charges can drain your account and cause you to bounce checks. Bounced check charges are typically over $20 each, and in some states, you are criminally liable if you bounce a check.

When you dispute fraudulent charges, with a credit card, your money is in your pocket, which gives you an advantage. With a debit card, the money is out of your checking account, in the pocket of the criminal, and you have to persuade the bank to give it back to you.

Very good advice, I'd mention anly a couple of things:
> The difference between cash in your wallet and your password(s) is that the damage from stolen cash is limited to the face value of the bills. > Bruce shorts his own creation by not mentioning Password Safe as an alternative for securing pw. > There is at least one less than $50 device that shreds CD/DVD by scoring the reflective material - after two passes any handling of the disk results in a shower of foil "dandruff". > As of v1.3 Spybot Search & Destroy includes a real time monitor that can warn the user of attempts to change registry settings. > I would add a caution about ever allowing a browser or web page to "remember" any authentication information, even the user name. > Allowing unneeded OS services to run under Windows is an unneccessary vulnerability - turn them off. There is at least one site that has some pretty good (and understandable) advice on what to turn off and why - " www.blackviper.com ". > Agree with the comments about not running with Administrator privileges under Windows. Rename the Administrator account and run as Restricted User by default.

Scott

so if you delete the files "command.com" and "cmd.exe." wouldnt that crash your computer, also how would you get to the command prompt? Just curious.

"*Don't* try to break CD-ROMs."

I cut my CD-ROMs and old CD-R/RWs with a pair of sharp scissors. It takes some muscle, but doesn't result in bits of plastic flying everywhere. If your scissors won't cut through the disc, try buying a pair of tin snips at your local hardware store; they're designed for tougher material.

Quick Question - Bruce - you have reccomended that you delete command.com and cmd.exe - is there no impact from doing this ?

Regards
Prashanth

On the contrary everything Bruce said is
accurate.The thing about atleast two Anti-
Virus APP's especially.I run 4 of the "best"
Applications on my client's machines.Even
when it "cleans" the Malicous program it
still leaves traces all over the place.Alot
of the high end Anti-Virus suits dont even
clean the older Viruses let alone detect them.

Ive seen Buisness grade Anti-Virus App's that cost Hundred's of dollars,and they couldnt even
clean simple programs.Another thing that needs
to be stressed is that Viruses ,and especially
Spyware piggy back in on APP's that come from
even "ligit" web sites.It is simple to bind
a executable to another executable.It dosent
matter what word processor or presentation
software you use! if it has any way for a
person to embed instructions in it(VBscript,
Javascript,TCL etc..)it can be used to construct
a Malicous stack of code.

NOTE:Every time you execute a file you could
be re-infecting your Machine! and hardly any
Anti-Virus suites check for Binded stuff.You
would also be very suprised who is making
spyware now day's! the companys are usally
owned by Corporations like Time Warner,Yahoo
etc..

Not to mention Viruses that emulate ,and
embed them selves into ligitamate/important
services on your machine.You Win2000+ users
probly have more than 3 SVHOST files running right now.

Lest anyone panic, having more than three instances of SVCHOST doesn't necessarily mean malware. Standard installations of XP have four. 2000 has four if you're using automatic Windows Updates -- the fourth is for a service called Background Intelligent Transfer Service (BITS). Even a fifth doesn't necessarily mean a virus, though that's one possible reason.

Bruce, if you look at the two-year-old list, the bottom point (#11) was to turn off the computer connected to the "always-on" connection when not using it. I presume turning off was recommended as a way to isolate or disconnect the computer from the Internet.

In your most recent update, that same point has moved to the top of the list, at position number #1.

There are lots of ways to disconnect a computer from the Internet. Aside from turning it off, you can unplug the data cable, turn off the modem, or get a hardware disconnection device.

The latter is a relay device from Pathlock Corp. You place it in series with an ethernet connection (from the modem or router) and it automatically disconnects. Pure hardware with no software to worry about.

you have to add anti-virus notes about

Hi,

I'm a student working on a project that has to do with mail security. I put together a website that talks about the problems of mail theft and fraud. www.mypostalprotection.com Through my research, I found out that only 13% of identity theft happens online. Have you ever done any research into this area of security? I would be interested to hear what your perspective is on the crimes of mail and identity theft. Please check out my website and let me know what you think.

if you don't want other person know your password, your username, may be you should use EZ Password Secure

http://www.yaodownload.com/utilites/security-encryption/ez-password-secure/

Hi, im 14 years old and im having sport on wedesdays and tuesday
is it safe to run while the period still goin?

The one point that I disagree with to some degree is to do with passwords. It *is* possible to create unique passwords long and "random" enough to be secure, but also memorable.

All you need is some bit of text you can memorize, a simple hashing function you can memorize and some data that is unique to where the password is being used.

I use this method to generate 32 character passwords that are all unique, contain no words, yet I can (almost) instantly recall or generate them when needed. Of course, I also keep them in a highly encrypted file with a decent password protecting it as a safeguard, just in case the unique context data changes and I can't recall what it used to be.

For passwords that must be available unencrypted (due to lack of context, enforced password changes, etc.), I agree with Bruce's suggestion of writing them down -- but don't write down "Password to ebay.com account bschnier" followed by the password -- find some more creative way to hide your passwords in plain sight -- make a poem that contains one or more of them (second letter of each line makes up the password in February, third for March), or something similar. That way, someone peeking at your data has to know what it is before they can use it against you.

how can i protect the CD from unwanted burning by music bussnessmen