Five simple PC security tips

The list of PC security products never ends. For every name that drops off, two more jump on. In fact, determining the best security hardware and software is a full-time job. Sometimes, you just want to throw up your hands and take your chances.

Maybe I'm just a cockeyed optimist, but I think you can stay safe without spending all your spare time doing research, installing updates, and generally becoming a PC-security expert. Here are five relatively easy ways to improve your security.

Use the firewall that's closest at hand
In the computer industry, the reputation of a product, service, or Web site is just about worthless. Yesterday's best firewall, ad blocker, spam buster, virus spotter, or spyware cleaner is today's bust.

Maybe the product got bought and the new owners aren't as conscientious about updates as the previous ones. Or the service's management team decides to go for profits and skimp on support, updates, and enhancements. There are lots of reasons why a good product goes sour, and the computer industry has seen nearly all of them.

So if you can't go by reputation, how do you choose a security product? One way is to go with the tools you've already got. Windows' security is roundly criticized, but the fact is, it's better than it used to be, and third-party security products have their own shortcomings.

Last February, I recommended that you use a third-party firewall rather than the one built into Windows. Six months earlier, I suggested that you pass on the third-party tools and stick with the Windows Firewall despite its shortcomings.

So which side of the fence am I on now? The simple side. The fact is, any third-party security tool complicates your setup. It's not difficult to find weaknesses in the Windows Firewall, but it's safe enough for most PC users, and it's much better than using no software firewall at all.

My previous post included links to information on Microsoft's TechNet site providing technical details of the Windows Firewall, tips for customizing the Windows Firewall, and help troubleshooting the firewall in XP and Vista.

Don't hesitate to try another free antivirus program
Just last week, I switched antivirus programs on my XP test system--for the umpteenth time. Something was slowing the system down, and after defragging the hard drive and doing other standard maintenance tasks, the machine's performance didn't improve as I expected it to.

Rather than go through a bunch of diagnostic tests, I simply uninstalled the system's antivirus tool and downloaded a competing package. The old and new programs were both free, and the switch didn't take much time to complete. The topper? The XP machine's performance perked up immediately.

Two antivirus programs that are free for home use and that are currently highly rated are Avast Home Edition and Avira AntiVir. You'll find a list of dozens of antivirus programs for Windows on this Download.com page.

Change your password...again
I hate those "your password will expire in x days" warnings as much as you do, but one of the simplest ways to protect yourself is by keeping your passwords fresh. Last year, I described the Ten Password Commandments, one of which was to devise a password-creation strategy that's all your own.

Just two months ago, I complained about the shortcomings of passwords as our primary security option, though I concluded that there's nothing better, for now. Lots of people swear by password managers such as RoboForm, but then you have yet another third-party app complicating matters.

For me, it's simpler just to devise a new password based on my unique, inimitable password-creation system, which I share with no one. No need to write it down, enter it in an online form, or encrypt it in a master-password file. Temporary amnesia, well, that's another matter.

For secure e-mail, use encryption
You would think that encrypting e-mail would be a breeze, but doing so is anything but. You and the recipient have to deal with digital certificates, public and private keys, and any number of other time-eating preparations and precautions.

The simplest way I know of to encrypt your e-mail is by using the Mozilla Foundation's Thunderbird with the Enigmail extension. Jason Thomas provides step-by-step instructions in this tutorial on the Lifehacker site.

Gmail users can secure their e-mail communications by enabling the service's built-in encryption. To do so, click the Settings button at the top-right of the main Gmail screen, scroll to the bottom of the General tab, select "Always use https," and click Save Changes.

Select "Always use https" under the General tab in Gmail's Settings to encrypt your messages.

(Credit: Google)

Keep your browser up-to-date
Most people will tell you that the Mozilla Foundation's Firefox browser is the safest way to surf, but a recent report from Google Switzerland and the Swiss Federal Institute of Technology found that "(u)sing the most recent version of a browser will lower the risk associated with drive-by-downloads and other Web-based attacks, which start by targeting the browser."

The report cites Google Chrome's silent updates as the best way to ensure that your browser is protected. The researchers also laud Chrome's lack of a way for users to disable its silent-update feature. Some people will object to software being downloaded to and installed on their system without their knowledge, but the fact is, these behind-the-scenes updates are the best way to keep you safe from the Internet bad guys.

Personally, I'm starting to rethink my choice of default browser. But as I mentioned earlier, you can't put any faith in a computer security product's reputation. And you can't be afraid to switch.

[Random_Walk]

1) Buy a Mac or install Linux (80% of your security hazards solved)
2) if an app is pirated, don't install it (10%)
3) use a hardware firewall in your home network (5%)
4) keep both your router and your machines patched and current (3%)
5) if you don't know exactly who or where it came from, don't install it (2%)

[geekbully]

Now that's good advice that I live by!

I have an issue with item 1 though and this is coming from a person that uses all OS's. If everyone switched from Windows to Unix based OS's this just toggles the issue back to market share. Behavior (as you've outlined in items 2-5 are what prevent security breaches) not OS choice. I get your point though.

[Random_Walk]

Actually, when you consider that Apache has the vast majority of web server share (yet has been far more secure), one would wonder just how well the marketshare argument really holds up...

[geekbully]

Yea but we're talking PCs here not web servers. Entirely different topic. My point is simply if Linux or OSX were the dominating OS for end users we'd still be in the same boat of security vulnerabilities we are now.

[alegr]

1. Again, 1. Make your user account Limited User (don't rely on that UAC kludge). 0. Don't give administrator password to your kind. In enterprise: Don't make your domain users member of local administrators.

[alegr]

Sorry, typo. "0. Don't give administrator password to your kids"

[geekbully]

typo or not you were correct either way. TNO.

[Angmarr]

common sense goes a loooong way too. And allows you to play games, get 3rd party customizations/programs, surf, etc.

[danc2heaven]

Stop looking at porn sites.

[jpmccloud01]

all the security in the world isn't going to help, if the people operating the computer are not using common cents. To many people allow stuff on there computer, because they just aren't thinking. If you are using and antivirus software that is up to date don't respond to the e-mail saying you have 5000 or 5000000 viruses. it's fake and then you end up with costly repairs. If your antivirus warns of a threat don't allow the content. Simple let your defenses do there job.

[Lerianis3]

Bingo! The fact is that most people who get viruses are either going to iffy sites (and this, astoundingly, doesn't include porn sites in my experience, it's more 'warez' sites) or are responding to e-mails that they bluntly shouldn't respond to.

[Lerianis3]

I also have to add that you should not always believe your anti-virus. McAfee's latest "Total Protection" beta was giving me **** about every single one of my Japanese games having a virus in them....... I finally ditched that program because I KNEW they were clean, because I downloaded them from a reputable site that MANY Japanese people use.

[Chaosthoery]

Before I begin, I'm not one of those guys who sit around all day thinking about conspiracies. However, I'm curious if those companies who sell virus protection aren't the ones making the viruses.
I read a few comments of people saying use common sense, but some web browser exploits will download a virus as soon as you click a link. There's ways to prevent a virus but, everybody gets them, even the top military agencies in the world.

[01Phyxius]

I smell conspiracy theory...
(It kinda makes sense, though)

[jpmccloud01]

Conspiracy or not we live in a world of computers and computer users. If we don't directly use them; someone, some where, is managing something we use with one. They are a great tool that has made this planet a whole lot smaller and in the process a new crime has come about that we need to protect our selves against, that protection comes in the form of various virus, spyware , encrpytion packages. While I wish they where not needed, my job inpart exists because of the sale of some of these products. Criminals will always find a way of using new tech or old tech to get what they want and we need to defend against it. Know matter what the problem of security is weather or not people keep and eye out and take action really is what matters. I can say this again and again a lot of the people these days put protection systems on there computers; what they forget is to let them work. The the comment of going to some site and getting hit that is true to a point, but that is part of the next thing that will be addressed or has been recently with some of the newly designed security sweets and software. Remember some one some where will learn to exploit some code somewhere for ill gotten gain and then comes the next defense

[Wild Eep]

I would have to disagree with the companies making the viruses themselves. If they wanted you to feel protected, their programs would "find" more "viruses" to remove and make end-users feel protected. I've had McAfee total for 3 months now, and it's discovered 4 viruses, 2 of which I intentionally downloaded (GameSpyArcade), and one of which was detected as two separate trojans... because its name was too long.
Really though, it is a matter of common sense, you're right. Don't use torrents, don't give your social-security number to a dancing moose, and you should be fine.

[deniceels]

Well, why not just unplug from the net, from the PC and go out get some fresh air... that'll solve most computer security problem.

Even you download software from reputable clean sites, you can't be sure that the software itself is free from hidden habit or ad trackers.

[grecs]

Not 100% but maybe this meets Pareto's principle. Although it is easy to say to keep things simple, actually making it simple is ... well complex. :)