Security

The list of PC security products never ends. For every name that drops off, two more jump on. In fact, determining the best security hardware and software is a full-time job. Sometimes, you just want to throw up your hands and take your chances.

Maybe I'm just a cockeyed optimist, but I think you can stay safe without spending all your spare time doing research, installing updates, and generally becoming a PC-security expert. Here are five relatively easy ways to improve your security.

Use the firewall that's closest at hand
In the computer industry, the reputation of a product, service, or Web site is just about worthless. Yesterday's best firewall, ad blocker, spam buster, virus spotter, or spyware cleaner is today's bust.

Maybe the product got bought and the new owners aren't as conscientious about updates as the previous ones. Or the service's management team decides to go for profits and skimp on support, updates, and enhancements. There are lots of reasons why a good product goes sour, and the computer industry has seen nearly all of them.

So if you can't go by reputation, how do you choose a security product? One way is to go with the tools you've already got. Windows' security is roundly criticized, but the fact is, it's better than it used to be, and third-party security products have their own shortcomings.

Last February, I recommended that you use a third-party firewall rather than the one built into Windows. Six months earlier, I suggested that you pass on the third-party tools and stick with the Windows Firewall despite its shortcomings.

So which side of the fence am I on now? The simple side. The fact is, any third-party security tool complicates your setup. It's not difficult to find weaknesses in the Windows Firewall, but it's safe enough for most PC users, and it's much better than using no software firewall at all.

My previous post included links to information on Microsoft's TechNet site providing technical details of the Windows Firewall, tips for customizing the Windows Firewall, and help troubleshooting the firewall in XP and Vista.

Don't hesitate to try another free antivirus program
Just last week, I switched antivirus programs on my XP test system--for the umpteenth time. Something was slowing the system down, and after defragging the hard drive and doing other standard maintenance tasks, the machine's performance didn't improve as I expected it to.

Rather than go through a bunch of diagnostic tests, I simply uninstalled the system's antivirus tool and downloaded a competing package. The old and new programs were both free, and the switch didn't take much time to complete. The topper? The XP machine's performance perked up immediately.

Two antivirus programs that are free for home use and that are currently highly rated are Avast Home Edition and Avira AntiVir. You'll find a list of dozens of antivirus programs for Windows on this Download.com page.

Change your password...again
I hate those "your password will expire in x days" warnings as much as you do, but one of the simplest ways to protect yourself is by keeping your passwords fresh. Last year, I described the Ten Password Commandments, one of which was to devise a password-creation strategy that's all your own.

Just two months ago, I complained about the shortcomings of passwords as our primary security option, though I concluded that there's nothing better, for now. Lots of people swear by password managers such as RoboForm, but then you have yet another third-party app complicating matters.

For me, it's simpler just to devise a new password based on my unique, inimitable password-creation system, which I share with no one. No need to write it down, enter it in an online form, or encrypt it in a master-password file. Temporary amnesia, well, that's another matter.

For secure e-mail, use encryption
You would think that encrypting e-mail would be a breeze, but doing so is anything but. You and the recipient have to deal with digital certificates, public and private keys, and any number of other time-eating preparations and precautions.

The simplest way I know of to encrypt your e-mail is by using the Mozilla Foundation's Thunderbird with the Enigmail extension. Jason Thomas provides step-by-step instructions in this tutorial on the Lifehacker site.

Gmail users can secure their e-mail communications by enabling the service's built-in encryption. To do so, click the Settings button at the top-right of the main Gmail screen, scroll to the bottom of the General tab, select "Always use https," and click Save Changes.

Select "Always use https" under the General tab in Gmail's Settings to encrypt your messages.

(Credit: Google)

Keep your browser up-to-date
Most people will tell you that the Mozilla Foundation's Firefox browser is the safest way to surf, but a recent report from Google Switzerland and the Swiss Federal Institute of Technology found that "(u)sing the most recent version of a browser will lower the risk associated with drive-by-downloads and other Web-based attacks, which start by targeting the browser."

The report cites Google Chrome's silent updates as the best way to ensure that your browser is protected. The researchers also laud Chrome's lack of a way for users to disable its silent-update feature. Some people will object to software being downloaded to and installed on their system without their knowledge, but the fact is, these behind-the-scenes updates are the best way to keep you safe from the Internet bad guys.

Personally, I'm starting to rethink my choice of default browser. But as I mentioned earlier, you can't put any faith in a computer security product's reputation. And you can't be afraid to switch.

Check Point Software Technologies announced Monday it plans to acquire the security appliance business of cell phone giant Nokia.

With the acquisition, the security software maker plans to use Nokia's security appliance business to broaden its footprint in the security appliance market.

Check Point, which is predominately known for its security firewall business, has branched out into the security appliance business over the past five years, beginning with its VPN-1 Edge device.

Nokia's security appliance business currently serves 23,000 customers throughout the world and is already designed to work with Check Point's firewall, virtual private network (VPN), and unified threat management software.

The two companies have collaborated on product development for over a decade, including developing security software for mobile and Internet devices.

For example, Nokia's Internet appliance clustering technology allows groups of VPN and firewall appliances to work together, with an aim toward improving performance and reliability.

The deal is expected to close in the first quarter. Terms were not disclosed.

Updated 3:36 p.m. PST with SonicWall comment.

An outage at SonicWall's licensing server disabled subscription-based security services for customers for at least several hours on Tuesday, according to the company and an angry customer.

Beginning around 2 a.m. PST, "some SonicWall products contacting a particular SonicWall licensing server began receiving erroneous responses," the company said in an e-mail notice to customers sent around 5:40 p.m. PST on Tuesday.

"You are receiving this mail because our monitoring systems indicate that your SonicWall product(s) may have been affected. This may have caused the product license key to be reset, and in some cases may have affected the products' operation," the notice said. "The issue has been corrected and all servers and licensing functions have been restored."

The notice listed affected products as SonicWall UTM Firewall Appliances-PRO series, TZ series and NSA series; all SonicWall Email Security Appliances and Email Security software; SonicWall Content Security Manager Appliances; all Continuous Data Protection Appliances; and SGMS managed appliances.

It was unclear how long the outage lasted and how many customers were affected.

SonicWall spokeswoman Colleen Nichols sent CNET News this statement Wednesday afternoon: "Yes, very early yesterday, one server in SonicWALL's licensing server pool that handles distribution of signatures and license keys malfunctioned. This malfunction caused some customers' license keys to be reset, requiring them to be resynchronized. SonicWALL shut off this server shortly after it began malfunctioning, and at the same time proactively stopped automatic license key updates while we verified the integrity of the rest of our licensing servers. During this period, customers were still able to manually download updates and resynchronize their licenses through mysonicwall.com. As of noon yesterday, our license server pool is online and available, and affected customers can resynchronize their licenses through their product user-interface."

Customers who believe they are affected can go to SonicWall's Web site to get more information about resynchronizing their licenses keys, she said.

At least one customer was wondering why the operation of vital services would be tied to a server used for validating licenses.

"I was shocked this would happen," John Wilson, president of Avalon Technology Consultants, told CNET News. "It's like buying a car and because General Motors servers go down your car stops working."

Avalon, which manages about 50 SonicWall firewalls for its customers, noticed at about 10 a.m. PST on Tuesday that the firewalls were reporting that the antivirus, antispyware, and intrusion prevention services were not longer functioning, he said.

SonicWall advised customers to check all devices to be sure they were functioning, which "is not an insignificant task," he added.

"We have been recommending and installing SonicWall firewalls for our clients for several years, and we had no idea that the devices would stop working when SonicWall's servers went offline," Wilson wrote in an e-mail to CNET News.

"We believe that this is a serious security flaw with the potential to compromise security for tens of thousands or even millions of networks, and we believe this should be brought to the industry's attention," he wrote.

In Windows 7, the Windows Security Center will be replaced with the Windows Action Center

(Credit: Robert Vamosi/CNET Networks; Microsoft)

Since Monday, I have been running a prebeta copy of Windows 7, the next operating system from Microsoft.

At first glance, build 6801 of Windows 7 appears very much like Windows Vista; that's because enhancements to the look and feel part of the operating system typically come late in the development process. Right now, the core programming is being set, and there are already some changes in how Windows 7 will handle computer security.

Gone is the Security Center, introduced in Windows XP SP2. Instead, there will be an "Action Center" that incorporates alerts from 10 existing Windows features: Security Center; Problem, Reports, and Solutions; Windows Defender; Windows Update; Diagnostics; Network Access Protection; Backup and Restore; Recovery; and User Account Control.

Changes to the User Account Control (UAC) may raise an eyebrow or two. While vastly unpopular in Windows Vista, the dialog boxes that pop up whenever a user tries to install new software, among other reasons, served a purpose.

In Windows 7, users can adjust consent prompt behavior using a slider control, if they have administrative privileges. Microsoft says they'll still be protected against malicious software, even if they never see another alert. I'm wondering if that's actually a bad idea: if people never see an alert, they might think nothing bad ever happens to their computer. We lose an element of user education.

Windows 7, which Microsoft unveiled at its PDC 2008 event this week, also introduces something called the Windows Filtering Platform (WFP). The idea is that third parties can take advantage of aspects of the Microsoft Windows Firewall in their own products. Microsoft says "third-party products also can selectively turn parts of the Windows Firewall on or off, enabling you to choose which software firewall you want to use and have it coexist with Windows Firewall."

I mentioned this feature to one major security vendor, which responded by saying it couldn't imagine running its product side by side with Windows Firewall. Also, if Microsoft had a compelling component in its firewall, this vendor said it would just build its own version, not use Microsoft's.

Other security features have been tweaked in the current build of the next Windows operating system. Scrollbars were removed in the configuration settings screen, as has the Software Explorer feature, and real-time protection in Windows 7 has been improved to reduce the impact on overall system performance.

Windows 7 extends BitLocker drive encryption support to removable storage devices, such as flash memory drives and portable hard drives. This means that users can keep sensitive data on all of their USB storage devices.

Biometrics enhancements include easier reader configurations, allowing users to manage the fingerprint data stored on the computer and control how they log on to Windows 7.

And System Restore includes a list of programs that will be removed or added, providing users with more information before they choose which restore point to use. Restore points are also available in backups, providing a larger list to choose from, over a longer period of time.

Returning from Windows Vista are Kernel Patch Protection, Service Hardening, Data Execution Prevention, Address Space Layout Randomization, and Mandatory Integrity Levels.

This information could change, as Microsoft nears the final build. Microsoft still expects to ship Windows 7 "within three years of Windows Vista," which means that it could be available sometime before January 2010.

Click here for more news on Windows 7.