1. Don’t Listen to Websites Promising to Speed Up Your Computer

In most cases, you’d probably land on a pop-up advertisement promising that your computer will run much faster after you try out their software. I assure you that this is a gimmick intended to make you pay money for software that only takes up space on your hard drive. If you really want to make your computer faster, you’re going to have to pay some real bucks to get its hardware in shape.

Everything running on your computer depends on the hardware to run smoothly. Go to your local computer store and ask for a quote on a hardware tune-up. Most likely, if you bought your computer less than two years ago, the process will be painless and inexpensive. Make sure they don’t get cheap and install a bunch of low-grade parts on the PC just to give you a temporary boost in speed.

The software you really need to make your computer run faster comes with Windows already. Disk Defragmenter is one of them. All computers running a Windows version above 3.0 can defragment their drives, and you’ll find the defragmentation utility in the Accessories sub-menu of your “Start” menu. The utility finds files on your hard disk that have been scattered all over the place and puts them all in one place, making them easier to find.

Other third-party utilities might speed your computer up efficiently, also, but don’t listen to the pop-up ads that advertise a utility that can speed up your computer. Use things like Tune-Up Utilities or something you can purchase from your local computer store.

2. There Are Two Types of Memory on Your Computer

This might be rather rudimentary, but there are cases when people can’t distinguish between random access memory (RAM) and storage. Both types of memory store things, but RAM only does this temporarily.

RAM stores everything you’re running right now, at this very second. This page you’re reading, for example, occupies a certain space in your RAM and will disappear once you close the page. Active components of every program are committed to this memory. A computer’s RAM takes the form of small cards that sit in slots on the motherboard.

Storage is the kind of memory that stores everything your computer has, like installed programs and the operating system. This memory often resides in the hard drive or solid state drive. Both devices have the same purpose, but are designed differently. A hard drive has multiple platters that spin, and read/write heads that manipulate and retrieve data. It’s sort of like a vinyl record player that can also write to the record. Solid state drives are designed with flash memory, much like the memory on your digital camera or phone.

3. Windows UAC and Security Isn’t Enough

Sure, Microsoft can boast about how its product has immense security and how you are less likely to get infected by a virus, but that doesn’t eliminate the possibility of a virus finding its way to your computer. You should always install an anti-virus application on your computer to keep it safe from threats, particularly one that regularly updates its database. There are many mixed reviews about anti-virus software, so you’ll have to do a little bit of homework to find out which one is right for you. Our favorite is Microsoft Security Essential though.

Try to avoid buying an AV from a company that’s not reputable. Do a Google search for “anti-virus review.” You’ll see a whole bunch of reviews related to many different anti-virus programs. Even better, search for “top 10 antivirus software.” Just so you know, BitDefender hits the top for 2012 and it’s affordable, priced at $30. That’s much better than paying insane prices for a computer repair after an infection.

4. Windows Update is Your Friend

Some people might tell you to turn off Windows Update because of bad experiences they’ve had. DON’T DO THAT! Microsoft usually releases an update within a week of discovering a new vulnerability. By updating your computer regularly, it keeps your computer running with tighter security that others might not have. If you don’t feel comfortable turning on automatic updates, at least let Windows prompt you when new updates are available so you can pick and choose them individually. Some of the updates released by Microsoft plug up serious security holes in the operating system.

A Final Word

I remember when I was much younger and got my first computer with Windows 95. It was something exciting, an unadulterated realm where I could do practically anything I wanted. There was only one problem: My computer became infected with all sorts of viruses after only a month, and I remember all the trouble I went through to get it cleaned up. Everything started running slower after a while, and I had no clue why. With the tips I mentioned above, you’d fare much better than I did and probably wouldn’t go through as much trouble. Happy computing/Windows-ing/whatever you do!

Photo Credit: flickr

We have discussed plenty of tricks to secure WordPress, and enabling SSL encryption for your login session is yet another useful way to secure your blog.

If you are not aware, while using SSL encryption, all your data are encrypted before they are transmitted over the web. The encrypted data format data format makes it very difficult to be read by the other users.

To enable the SSL Security to your WordPress blog, you will need to have a SSL Certificate (consult your web host if you don’t have one) and then you can follow the below procedure to make it work with your blog.

• At first, Open your site directory either using cPanel File Manager or the FTP. I would recommend to use the File Manager instead of FTP.
• Once you reach the files directory of your WordPress installation, open the wp-config.php file.
• This is the WordPress configuration files and it is the most important in the whole WordPress system. After the file is opened, add the below code and save the file. You can add the code anywhere in the file, there’s no certain place for it.

/* Enable SSL Encryption */
define(‘FORCE_SSL_LOGIN’, true);
define(‘FORCE_SSL_ADMIN’, true);

• From then on, your WordPress site Admin area will always load with the SSL Encryption. If your site domain is http://www.mydomain.com, it will load the admin area of the same with https://www.mydomain.com/wp-admin.

There are so many advantages of using the SSL for your site. The above process will force WordPress to use SSL encryption for the Administration area. It is not necessary to enable SSL encryption for the frontend (unless you are running a blog shop) since all the confidential information, like the Username and Passwords are used only in the Admin area, not anywhere else.

Image Credit: Reevoo.com

1. People Click “Yes”

Even if there’s a ton of text in bold on the screen, your average home user will click “Yes” if the dialog keeps repeating itself. This is otherwise known as a reflex, and develops in the act of repetition. Let’s face it. The majority of applications on your computer are safe. If 98% of applications that open in a computer are safe, the other 2% might go unpunished as the end user clicks “Yes” every single time the annoying dialog appears. Would you really take the time to read 200 dialogs in an 8 hour day, if you’re not paid to read them? Add all this to the fact that the “Yes” button isn’t labeled “Yes,” but “Continue” – a word the mind is less likely to want to process when it’s in a hurry.

2. People Are Smug/Annoyed

This reason is much less about why UAC doesn’t work and more about what people do as a result of being annoyed. Some high-end users will disable UAC manually, and then teach their less-versed friends how to do it. These naive friends will probably forget that UAC is a security feature and consider it more an annoyance, so they’ll disable it as soon as they learn how to. Disabling UAC eventually will put them at risk for certain vulnerabilities Microsoft didn’t compensate for if the users don’t have an anti-virus application installed. The ball keeps rolling and the picture isn’t pretty.

3. Malware Doesn’t Normally Knock on The Door

If you’ve ever had the misfortune of being infected while UAC is on, you know the truth. UAC will not protect you from malware, since there are tons of different ways to call the Windows function library (WinAPI) without having to actually go through the feature’s screening process. The simplest method that malware uses to bypass the supposed security feature involves acting as an innocent application then writing all of the “bad stuff” to your AppData folder, which isn’t touched by UAC. Of course, there are other ways to bypass UAC, but I won’t discuss them for the sake of not giving people ideas.

4. Not Everyone Knows It’s Malware

It’s not like malware has an evil vampire face or Jolly Roger icon on it for you to tell what’s what. Most people will look at something like “Internet Optimizer” as an innocent application name and cilck “Confirm” in the UAC dialog if they even read the text on it. The malware infects the computer and it’s a done deal. Windows has no way of telling you, “Hey, look at this! We think it’s malware!” Knowing this, it’s difficult for someone to ever benefit from UAC.

Conclusion

While the intention of UAC is good, it often gives people a false sense of security, or worse, causes annoyance to everyone. We don’t advise you to turn off UAC completely, but don’t ever assume this is going to protect you if you are going to click the “Continue” button without thinking through the consequences.

What’ do you say? Do you think the UAC is really useful?

I am not sure about any other distro (as I have not tried them all), but in Ubuntu, the default keyring manager (also known as seahorse) comes with the ability to create public/private SSH key and help you set it up in the server.

1. In Ubuntu, open the “Password and Keys” app. Go to “File -> New“.

2. In the popup window, select “Secure Shell Key” and click “Continue”.

3. Enter a description for your SSH key and click “Create and Set Up”. You can, of course, select “Just Create Key” if you just want it to generate the keys and do nothing else.

If you click on the “Advanced option”, you can configure whether to use RSA or DSA for the encryption and the key strength. Most of the time, you can just leave this as default.

4. Next, enter a passphrase for your key. This is purely optional. To set a empty password, just leave it blank and click OK.

5. Lastly, enter your remote hostname, port and login name. If you don’t know your remote hostname, you can replace it with its IP address. Use the “:” to separate the hostname and the port, for example “maketecheasier.com:2233“. (If you are connecting via the default port, you can leave the port section empty)

6. It will then prompt you to enter your remote host login password. /home/username/.ssh/id_rsa

If everything goes well, your remote host will be properly set up to accept public/private key connection.

To accept to your remote host, you just have to enter the following command in the terminal:

ssh username@remote-host-ip-address

That’s it.

Thanks to Michael Stephenson for the tips.

1. Disable NetBIOS

I’m not kidding. Do it right now, if you haven’t done it already. I can’t stress how important it is to have NetBIOS disabled on a computer. With the feature enabled, you basically expose your entire network topography and shared files. Anyone and their dog can just hop into your network, access a specific directory tied to your IP, and see your most intimate documents. To disable NetBIOS on your computer, you need to access your network adapter’s settings:

1. Click your “Start” menu, then “Control Panel”.

2. Click “Network and Internet.”

3. Click “Network and Sharing Center”.

4. Click “Change adapter settings”. This takes you to all the network adapters on your computer.

5. Right-click a network adapter you would like to disable NetBIOS on, and click “Properties”.

6. Select “Internet Protocol Version 4″ from the list in the new window and click the “Properties” button below the list. See the image below if you’re lost.

7. Click “Advanced” in the new configuration window then click on the “WINS” tab near the top.

8. Click “Disable NetBIOS over TCP/IP” then “OK.”

This, of course, addresses only part of the problem. Windows has other security holes which can be exploited, but you already took care of a big one.

2. Limit Home Network Sharing and Discovery

While disabling NetBIOS prevents your computer from being an open book, you’re still leaving your computer out in the open with network discovery and file & printer sharing. Both of these features, while useful in a home network, can totally compromise the security of the computer. To better tighten your network, you must access the Network and Sharing Center once again:

1. Go to the Network and Sharing Center like you did in the last section. Look under “View your active networks” and note which type of network you use to connect to the internet. It will say something like “Home”, “Work” or “Public”. You’ll see a link called “Change advanced settings” right under the “Change adapter settings” link. Click on it and expand your active network type.

2. Ensure that the following options are selected:

• Turn off network discovery
• Turn off file and printer sharing, and
• Turn off Public folder sharing

Once you’ve selected these options, hit the “Save changes” button at the bottom of the window. I still got more work for you to do, though…

3. Windows Update

If you didn’t purposely disable Windows Update, you don’t need to worry about this. While I understand the urge to disable Windows Update, it’s important to use it because Windows releases “hotfixes” once in a while that will make your computer safer. I cannot stress how important it is to keep up to date with everything Microsoft offers, as it might benefit you in the battle against hackers. Every time a security hole is exploited, Microsoft quickly finds out about it and tries to develop countermeasures. Failing to receive updates will keep you out of the loop. If you host a server on Windows, the responsibility requirement to update grows tenfold.

4. Go on a Service Killing Spree

You might already be familiar with the fact that Windows runs tons of services that don’t really do anything for you if you don’t use them. Some of them even leave gaping holes in your computer’s security. If you don’t know how to disable a service, read the third section of this article, which teaches you how to reach the services window. If you want to disable a service, right-click the service, click “Properties,” expand the drop-down menu next to “Startup type,” and select “Disabled” from the list. Once you click “OK,” the service will no longer run on your computer. Now that we have established how to disable a service, do this to the following services:

• Any service with “Homegroup” in the name – Disable these services only if you don’t plan to use the homegroup features in Windows. If you don’t know what a homegroup is, just disable the services.
• Remote Registry - As the name implies, this service lets others look into your registry and modify it as they please. Would you allow a random stranger to hold the keys to your car?
• TCP/IP NetBIOS Helper - You already know what NetBIOS does to your computer. This service helps it run properly.
• Server - This service allows sharing files and printers, which you don’t do anymore. Put a lid on the problem by disabling this service.
• Computer Browser - This is what allows others to see the contents of your computer in the first place. Disable it if you don’t use it.

Disabling what these services support is only half the job. If you don’t disable the services themselves, you still could end up with very gruesome vulnerabilities that will make your computer a hacker’s haven.

Firewall & Antivirus

While the majority of you might feel this is a little redundant, some people still don’t understand the concept of locking the front door in their house. That’s exactly what the combination of a firewall and antivirus application does to your computer. An hour of aimless browsing without an antivirus app can easily turn your computer into a Petri dish full of infections and malware. Remember, though, that a virus can infiltrate your computer only if you execute it directly or indirectly.

Indirect infiltration happens when you install a program that asks you to install some third-party application that will benefit you in some way or another. The program might not have a virus, but the third party app may be infected.

Even with an antivirus program installed, I highly suggest that you execute only applications that come from trusted sources, like Microsoft, Apple, and Adobe. If you’re suspicious about an executable file (EXE), upload it here to have it checked for viruses through a comprehensive engine that checks through many different antivirus applications. Good luck and happy surfing.

Photo Credit – flickr

1. Open a terminal. Type:

ssh-keygen -t rsa

Alternatively, you can also use the DSA (Digital Signing Algorithm) technology to create the public/private key.

ssh-keygen -t dsa

Note: There has been a lot of debate about the security of DSA and RSA. In my opinion, unless you are very particular and love to delve into the technical detail between the two technology, it doesn’t matter which of the two you choose. Both will work fine.

2. In the next screen, you should see a prompt, asking you for the location to save the key. The default location is the .ssh folder in your Home directory. You can just press “Enter” to accept the default setting.

3. Next, you will be prompted to enter passphrase. This is NOT the passphrase to connect to your remote host. This is the passphrase to unlock the private key so that no one can access your remote server even if they got hold of your private key. The passphrase is optional. To leave it blank, just press “Enter”.

4. Your public and private SSH key should now be generated. Open the file manager and navigate to the .ssh directory. You should see two files: id_rsa and id_rsa.pub.

5. Upload the id_rsa.pub file to the home folder of your remote host (assuming your remote host is running Linux as well). Connect to your remote host via SSH and use the following command to move the public key to the correct location.

cat id_rsa.pub >> ~/.ssh/authorized_keys
rm id_rsa.pub

6. Still in your remote host, open the SSH config file:

sudo nano /etc/ssh/sshd_config

Scroll down the config file and make sure the following attributes are set correctly.

RSAAuthentication yes
PubkeyAuthentication yes 
PasswordAuthentication no

Press “ctrl + o” to write and save the file, follow by “ctrl + x” to close the file.

7. Lastly, restart the SSH server in the remote host

sudo /etc/init.d/ssh reload

That’s it. You can now connect to your remote host with the following command:

ssh -i /path-to-private-key username@remote-host-ip-address

Image credit: eternicode @ DeviantArt

Bitdefender Total Security 2012 is a complete security suite that comes with anti-virus, anti-spam, parental control, privacy control, firewall and many more security and Windows performance boosting features. The software, once installed, runs in auto-pilot mode so you don’t have to deal with tons of configuration options just to get it running.

To get it started, simply download and install Bitdefender (Bitdefender is NOT free. You can, however, download the free trial and see if you like it). Once installed, you will have to restart your PC.

After the restart, unlike other security suite, it doesn’t pop up to ask you to configure anything. It automatically assumes the default settings and run on auto-pilot mode. For once, I didn’t even know that it exists.

This is what you will see at its control panel:

By default, all the settings are turned to “ON”. You can easily turn them off by flipping the ON/OFF switch.

Anti-virus

The Anti-virus mode allows you to perform a quick scan, full scan, custom scan (of particular folders), vulnerability scan and reboot your PC in rescue mode. The vulnerability scan includes scanning of windows and applications updates and your password strength.

Anti-Spam

Anti-spam is probably useful only if you use email client like Outlook or Thunderbird.

Firewall

The Firewall scans your incoming and outgoing ports to make sure there is no unauthorized access to/from your PC.

Privacy Control

There are three modes in the Privacy Control section: Anti-phising, Data protection and encryption. The Anti-phising feature protects you while you are surfing the web. It detects phishing and fraud site and notifies you when you encounter one. It also integrates a toolbar to your browser and inform you if the page you are visiting safe or not. I do find this annoying though, and I switched it off immediately.

The Encryption feature allows you to add confidential files to the file vault and have them encrypted. You can also shred a file if you want to delete it beyond recovery.

Tune up

The tune up section cleans up your internet cache and detect duplicate files. You can also use it to monitor applications and see the amount of CPU and memory they are using.

Safebox

Safebox is the online backup solution of Bitdefender. They offer you 2GB of online space (bundled with the software cost) and allows you to backup important files to your account. You can get it to autosync so your important files will always be backed up. While this is a great effort by Bitdefender, a meager 2GB storage space is not going to amount to anything, especially if you are going to backup your music and videos. With online storage solutions abound, I am not sure this feature will attract any interest and usage.

Conclusion

Most security suite software use plenty of system resources and cause your system to go slow. For Bitdefender, it is not the case. At its auto-pilot mode, it only takes up less than 10MB of memory. As I mentioned earlier, I almost forgot its existence. Together with the comprehensive security features, it is definitely worth the consideration if you are looking for a security suite software.

Bitdefender costs $69.95 for 1 PC per year.

Bitdefender

Download and install Wuala on your computer. On the first run, it will prompt you to create an account (or sign in to your existing account if you have one).

Once you are logged in, you will see your dashboard with several folders (Document, Music, Photos, Videos). Unlike Dropbox, Wuala does not integrate with your filesystem. Instead, it mounts itself as a drive in your system.

You can get it to sync with any folder in your computer. To do so, click on the “New -> Sync” option and select the local folder that you want to sync.

It also works the other way – syncing your Wuala document to your local computer. You just have to select the folder and go to “File -> Synchronize with this computer“.

There are several sharing options in Wuala. By default, all your files and folders are marked as Private. No one, other than you, can view your files. You can, however, change the file permission to Share or Public. For Share option, you can share your files with your contacts, either via email or web link. For Public option, the file/folder is publicly available for everyone.

Wuala Preferences

The Preferences section of Wuala is pretty comprehensive, covering everything from your account detail, connection speed, cache size, filesystem integration, notification and many more options.

Trading of local storage in exchange for online storage

When you sign up for a free account, you will receive 1Gb of storage space. To many of us, this is too little. If you need a lot of online storage space, and at the same time, you have plenty of free space in your local hard drive, you can trade your local space in exchange for online space.

It works like this: you need to first specify the amount of hard disk space you are willing to trade (say 100GB). Depending on the amount of time you are online (for example, you are connected to Wuala 70% of the time), you will be given a free online storage space equivalent to the product of the hard drive space you are trading and the time you spent online. In this case, you will have access to 70Gb (70% * 100Gb) of online storage space.

Alternatively, you can refer your friends to use Wuala and earn up to 3Gb of storage space. Lastly, there is always the premium plans that allow you to buy storage space for a annual fee.

Conclusion

Wuala comes with plenty of features and it is really an enjoyment to use it. Personally, I like its security feature and the ability to choose the folders that you want to sync. The only gripe is the 1Gb storage space. Most online storage services offer 2Gb (some offer up to 5Gb) for their free account. Upon comparison, Wuala’s 1Gb storage space is really pathetic and unattractive. With competitors like SpiderOak and Ubuntu One, this could really make a lot of differences.

Wuala is available for Windows, Mac, Linux, iPhone and Android.

1. Google Authenticator

The Google Authenticator plugin makes use of the Google Authenticator mobile app to provide a two-factor authentication login to your WordPress site.

Note: Before activating Google Authenticator, make sure that you have enabled two-factor authentication in your Google account and installed the Google Authenticator app in your Android, iPhone or Blackberry phone.

Once you have installed and activated the plugin, go to the “Users -> Your Profile” section and you should see the Google Authenticator settings.

Check the box beside “Active” and save the changes. Next time you login, it will prompt you to enter the secret key. If you failed to enter the correct code, you will not be able to login.

Google Authenticator

2. One Time Password

One Time Password allows you to login to your WordPress without using your real password. It generates a list of passwords that you can use to login to your site. These passwords are valid only for a single session, so even when the password is stolen, others won’t be able to login to your site. This is particularly useful if you are travelling but need to login to your site in a cybercafe.

Once installed and activated, go to the One Time Password section to generate your password list. Enter a passphrase and click the “Generate” button.

Print out the generated password list and bring it with you wherever you go.

When you need to login, it will show a sequence number. You just have to match the sequence number with your password list and enter the password accordingly.

One Time Password

3. WP Login Security

WP Login Security works via the IP address. It first requires administrators to register or whitelist their IP address. Next, it will detect the IP address whenever the administrator logins. If the IP address is not recognized, it will send an email to the administrator with a link that contains a one-time key.

A good thing about this plugin is that there is little or no configurations required. You just activate it and it is good to go.

WP Login security

4. Login Lockdown

We have mentioned Login Lockdown before in our previous post on WordPress security. We are going to mention it again here because it is truly a useful plugin. What it does is to records the IP address and timestamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range.

Login Lockdown

5. WP Firewall 2

This plugin is not directly related to the login field, but it protects your site by investigating web requests to identify malicious attack. It is able to stop the attack before it causes damage to your database.

After activating, you can find the configuration options under the Firewall section. The default options are often good enough for everyone and you seldom have to make any changes.

WordPress Firewall 2

The above mentioned methods are only some of the ways to protect your WordPress site, don’t forget to check out:

• 11 Ways To Secure Your WordPress Blog
• How to Increase Your Website Security And Performance With CloudFlare
• How To Connect To Your WordPress Account Via Secure FTP

Why is this important to you? A mistake made by the Dropbox team few days back had left the Dropbox’s main door open for 4 hours. During this period, anyone can log into any account and access all the files in that account without any passwords. While this affects only 1% of its users (which amounts to about 250,000, and that is not a small number), if you are one of those whose accounts have been compromised and you have confidential files in your Dropbox, you better watch out for the bad things that might happen to you.

Since you never know when such incident will happen again, it is best to encrypt your files before you sync them to the cloud so there is a second level of defense when your account has been compromised.

1. SecretSync

SecretSync is a file-by-file encryption solution for Windows and Linux. Once installed, you will find a new “SecretSync” folder in your user directory. Any files that you place in this folder will be encrypted and sync to Dropox.

The installation and usage of SecretSync for Windows is pretty straightforward. You simply download, install and run it. it will then guide you through the encryption process.

For Linux, the usage is purely command-line based.

1. You have to first download the deb file and install it in your system.

2. Open a terminal and type

secretsync

This will run the installer and download the necessary files from SecretSync site. It will also run you through the setting up process.

After the installation, type

secretsync start

to start the SecretSync service. You should see a new SecretSync folder in your Home directory. Any files you place in this folder will be encrypted and synced to Dropbox.

Note: The latest version of SecretSync will add itself to the autostart item automatically. The following step is meant for the older version.

To get SecretSync to autostart everytime you login, go to “System -> Preferences -> Startup Applications” and create a new startup item.

SecretSync

2. Encfs

Encfs is a better solution than SecretSync because it stores the encryption keys on your local machine and it can work in Linux (natively), Windows (via BoxCryptor) and Mac (via MacFuse), which is great if you use Dropbox on more than one operating system.

In Ubuntu, open a terminal and type:

sudo apt-get install encfs
sudo addgroup <your username> fuse

To create an encrypted folder, type the command:

encfs ~/Dropbox/.encrypted ~/Private

The above command instructs encfs to create an encrypted hidden folder (with name .encrypted) in Dropbox and mount it in the Private Folder in your Home directory.

When it prompts you for the configuration option, press “p” follow by Enter.

Next, it will ask you to enter your password. Be very careful with what you type since it won’t appear in the screen.

That’s it. Whatever files you place in the Private folder will be encrypted and synced with Dropbox.

To get the encrypted folder to automount everytime you log in, you can use gnome-encfs.

1. Download gnome-encfs here (or grab the source here) to your Home folder.

2. Type the following command:

sudo install ~/gnome-encfs /usr/local/bin
gnome-encfs -a ~/Dropbox/.encrypted ~/Private

GUI for Encfs

In Linux, Cryptkeeper is an application that provides a graphical interface for encfs. It doesn’t come with the full configuration option for encfs, but if you need an easy way to get started quickly, this will be very useful.

In Ubuntu,

sudo apt-get install cryptkeeper

Cryptkeeper works as a system tray applet. If you are using Unity, use the following command to get it to work:

gsettings set com.canonical.Unity.Panel systray-whitelist "['Cryptkeeper']"
setsid unity

BoxCryptor

BoxCryptor is not really a GUI for encfs, but its encryption method is compatible with encfs. If you have created an encrypted folder in Linux, you can use BoxCryptor in Windows to mount the same encrypted folder.

3. TrueCrypt

TrueCrypt is another powerful and cross-platform compatible encryption tool that you can use. We have mentioned it here and here, so we won’t go through it again.

One disadvantage of TrueCrypt is that you have to create a fixed size virtual container before you can use it. In addition, you can only get it to sync after you have unmounted it. This means that you won’t be able to sync your files in real time. Other than that, if you need a true cross-platform solution, then TrueCrypt is definitely the one for you.

That’s it. Which method do you use to secure your files in Dropbox?

While Apple does release new batch of definition files in its daily updates, some users have reported that the files have not been automatically updating the way that they should. This procedure shows you how to check if your virus definition files are up to date, and if not, how you can update them manually.

Check To See if Your Malware Definition Is Up To Date

1. In the Spotlight, search for “terminal“. Open the Terminal app.

2. Copy and paste this command:

more /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

4. In the code that comes up, you should see a last modification date in the code. If this date is today, you do not need to update. If it is not today, then you need to update your virus definitions manually. The date line should look like this:

How to Update You Virus Definitions

You are going to love this one because it is so simple. Just follow these steps:

1. Open your System Preferences.

2. Click on the “Security Preferences” pane.

3. Uncheck the box next to the word “Automatically update safe downloads list”.

4. Re-check the box.

There you have it. You will have your files automatically updated. You might want to double check your system with the same command to see if the file is is up to date. If you see today’s date, then you are good to go. If not, you might need to check your Mac for 1. virus that prevent the system for auto-update, 2. software defects.

There you have it, the best way to make sure that your system is up to date on the virus definitions that are available to you.

Image credit: ?rakaz

Introduction

Login Approvals is a security feature that requires two-factor authentication from the user before access is permitted. This is a type of security feature which requires two separate steps to identify a user. In short, instead of just using a password, the user must input some other information. In this case that other information is a code sent to an authenticated mobile phone.

Set-Up Two-Factor Authentication

To set-up two-factor authentication, you have to enable the option in Facebook.

Once you have logged into Facebook, click the Account link at the top of the page and select Account Settings.

This will open up your general Facebook Account Settings page. Here, click the “change” link next to the “Account Security” option.

This will open up a drop-down below the “Account Security” section.

Firstly, you have the option to enable “Secure Browsing” which automatically switches your Facebook session over to a secure HTTPS connection.

Secondly, you can enable “Login Notifications” which notifies you via email and text messages whenever someone logs in to your Facebook account.

Finally, you have the option to enable “Login Approvals“. Check the box next to “Require me to enter a security code sent to my phone” to activate this feature.

After you do so, a pop-up will open which will guide you through the process of enabling this security option.

After selecting Next you should receive a text message on your phone which will be in the following format:

“Please use the code 12345 to confirm access to your phone for login approvals.”

Keep the code in mind and enter it into the box to confirm your phone.

If the phone number displayed is incorrect, select “Change my phone” to enter the mobile number you wish to associate with your Facebook account.

You have to confirm this number through a text message. Once you have added your number, you are directed back to the original page to continue setting up the two-factor authentication.

Once you have confirmed access to your phone, you will have to name your computer to add it to a list of recognized devices. Essentially, this computer will not require authentication after it is “recognized”.

That’s it! Two-factor authentication is now enabled for your Facebook account.

Logging In With Two-Factor Authentication

When logging into your Facebook account from a new device, a code will be sent to your phone which you will have to enter before you are granted access to your Facebook Account.

Once you enter the code, you will have to name your new device and add it to the list of “recognized devices”.

If you don’t have your phone, you will not be able to login to your Facebook account from a new computer. However, you can still login to your account from a computer that has already been authorised.

Conclusion

The two-step login verification function is a useful feature implemented by Facebook. However, it can become a problem if your phone is lost or for some reason you are not able to see the code on it. For example, if you travel to an area with no mobile reception, you will not be able to receive the code that allows you access to your Facebook account. On one hand this feature is useful if you are abroad and you want to ensure that your account is protected. On the other hand, you would not be able to use the two-step verification because your phone may not have roaming enabled. Although mobile phones are generally within easy reach, there will be plenty of times when login may become impossible simply because your mobile phone is not at hand. Hence, we suggest considering whether the benefits outweigh the difficulties of using the service.

Do you know that Google actually penalizes websites that are slow to load? If you want to get a good search engine ranking, one of the most important thing is to make sure your site load fast, blazingly fast!

If you are running WordPress, we have already mentioned several ways to polish up your site loading speed, including adding Google Analytics site speed tracking feature, lazy loading your images, using W3 Total Cache and minify the code.

One other way is to use CloudFlare as a proxy server.

CloudFlare acts as a proxy server that link between you and your readers. When your readers enter your site’s URL, the browser will first connect to CloudFlare, which will then detect their locations and load your site content from the server closest to the readers. This will ensure your reader get the fastest loading time and performance. Furthermore, CloudFlare caches your script, css and image files, so there is no wastage of bandwidth and server resources.

In addition, as a proxy server, CloudFlare can detect who is accessing your site and block threats and limit abusive bots and crawlers before they reach you. In other words, CloudFlare is able to increase your site security as well.

Configuring CloudFlare

Getting your site to run with CloudFlare is easy.

1. Go to CloudFlare.com and sign up for an account.

2. Next, enter your site’s domain name. Click “Add this domain”.

3. CloudFlare will then scan your DNS. It might take up to 2 minutes. Once the scanning is completed, click “Continue to Step 2″.

4. The next page displays a list of your site existing DNS record. Check to see if they are correct. If necessary, you can add in extra DNS record here. If everything is correct, scroll down to the end and click “I’m done checking my DNS records, continue”

5. CloudFlare will then register your DNS setting and configure itself to power your site. CloudFlare will also add a sub-domain (of the name “direct”) for you to access your server without passing through the CloudFlare network.

6. The last step is to update your domain with the new DNS setting. If you register your domain name via a domain registrar, you can login to your domain registrar account and change the DNS setting. If you got everything set up via your web-host, submit a ticket and get them to change the DNS setting for you.

That’s it. You are good to go.

This is loading speed of Make Tech Easier before and after implementing CloudFlare.

Before:

After:

There is a saving of 1.8 second, which translate to a 18.5% improvement.

The above results were taken from Pingdom. You should also test out your site loading speed before and after implementing CloudFlare too.

What’s next after configuring CloudFlare?

After you have set up CloudFlare, login to your CloudFlare account and go to the “Settings -> CloudFlare Settings” (the link is beside your website). Here is where you can configure the settings for CloudFlare. Some of the important settings include Security level, Caching level, customize the Challenge page, E-mail Address Obfuscation, IP Geolocation (useful if you are showing geolocation ads) and Hotlink Protection.

In addition, if you are using WordPress, install the CloudFlare plugin which can help you optimize your database and better protect your site from spammers.

Image credit: lrargerich

1. Using strong passwords

This is the first and foremost setting that a user needs to be responsible for. You should be using strong and secure passwords so that no one will be able to use brute force methods to guess your password. So what is a strong or secure password? The password which is:

• Not a dictionary word (regardless of any language)
• Not a variation of a dictionary word
• Not a sequential or repeated word
• Doesn’t include any personal information like name, birthdate, Govt. issued IDs etc.

There are many random password generators but if you want to remember your password then you should follow the way to create passwords recommended by Microsoft itself.

2. Connecting With HTTPS

Using HTTPS instead of HTTP means that you’re using a secure means of communication between the Hotmail servers and your computer. If a hacker intercepts the connection during the communication, the connection will simply break and the hacker will not be able to get any information about the communication. Almost all the modern browsers will display a green bar that shows the owner of the site in the address bar. Make sure that the owner of Hotmail.com when you open it is Microsoft Corporation.

Here’s how it looks like in Internet Explorer:

And here’s the screenshot from Firefox:

To always use HTTPS, just go to the Microsoft manage SSL page and select “Use HTTPS automatically“.

Please note that if you’re using a desktop client with Outlook Hotmail Connector or Windows Mobile, you’ll get some problems with HTTPS. Then you can leave the above settings to “Don’t use HTTPS automatically” and then always open Hotmail using https://www.hotmail.com in order to check your email.

3. Password Reset Information

You must ensure that your password reset information in your Hotmail account is always up to date so in any case if you forget your password, you’ll always be able to reset your password using the recovery information. To reset your password information, you’ll need to go to Windows Live account page.

You should always have a secondary email address that you can attach to your Hotmail account so that your password reset information is sent to your secondary account if you forget the password.

You can also add your mobile number as a recovery option so that the password reset information can be sent to your mobile phone in case of emergency but this option is only available to a few selected countries right now.

You can also add a Trusted PC if you use your account only on one PC. Windows Live Essentials is needed to be installed in order for this feature to work.

And the last and most important is the security question. The security question is like a password. You should always specify a secure security answer in order to have your account secured and away from hackers. Please refer to the “using strong passwords” topic for more information about secure passwords.

4. Using Hotmail On A Public Computer

There are times when you’ll need to check your email on a public computer when your own trusted computer is not available. You should always use HTTPS instead of simple HTTP on public computers. There is another feature “Get a single use code to sign in with” which works great if you are residing in a supported country. You can get a code for one time use on your mobile when you want to sign in to your Hotmail account on a public computer. This will ensure that you don’t have to type your real password and will use an auto generated password which will work only one time.

Keeping all these points in mind when using your Hotmail account will make sure that your account will always remain safe from wrong hands and hackers.

Image credit: CarbonNYC

Certain Android powered devices require this option for various file operations, for example to automatically synchronize the content in the phone with the data stored on your desktop computer.

I was quite astounded at this when I wanted to use MyPhoneExplorer, a handy Windows phone manager with my Android powered phone for the first time. I opened the Help dialog of the app with brief information. It suggested me to make sure whether USB debugging is activated in my device.

“Where will I find it?“, this question kept running through my head. There was nothing else to do, I opened the User Guide of my phone, and searched for this keyword. After skipping some matches, I found the desired chapter. I had to recognize, it is not so complicated, only a few steps needed.

I hope I will make you find it easier by following the below step-by-step instructions and screenshots.

First Thing First

If you already connected your mobile device with your computer via the USB cable, please unplug it from your phone, otherwise your device will prompt you a warning requesting to do so.

If the cable is left in the phone, you will tap the OK button in vain, the ‘USB debugging’ option will remain ticked. So, unplug the cable, please.

Where Can I Find It?

Let’s go deeper, step by step:

1. Tap the Applications shortcut in the idle screen.

It may a bit faster when you press the menu key on your phone and tap Settings in the quick launch bar.

In this case you can skip Step 2.

2. Tap the Settings item in the applications list.

3. Select Applications in the Settings screen that opens.

4. Tap Development in this screen.

Now you got it! The first item in this screen, that is loaded, is ‘USB debugging’.

Some More Actions

Now tap the ‘USB debugging’ option in the display. Your phone will raise the question whether you want to switch on this setting. Confirm your decision by tapping the OK button.

A green tick will appear, it means that the check box is selected and this feature is activated.

Now you can replug your cable in the phone. When you replugged the USB cable, your device will notify you about the successful connection by displaying two appropriate indicator icons in the status bar (upper left corner of the screen).

When you scroll down the status bar, you can learn the meanings of these icons.

Your Android powered device is now ready for the communication.

Security Concerns?

When I read the confirmation message, I was a bit afraid. When the USB debugging is activated, it can be used for synchronizing data between your phone and your computer. In addition to this, (unwanted) applications may be installed on your phone without your prior knowledge. Your user names and passwords stored by the applications installed on your device can be accessed. Logs, hardware information and the list of installed applications can be accessed as well.

Finally I realized, these all are things what an experienced user already should know. They may compromise your privacy, so ensuring your security, it is highly recommended to deactivate the USB debug mode at the end of your session.

Anti-virus suite aside, the next better thing you can do to protect yourself is to setup a security sandbox for your users to access. Within this zone, any virus or security threat won’t be able to make changes to the system files and folders. BufferZone Pro is one such software that provides security sandbox, and it is free.

What BufferZone Pro does is to create a virtual zone where you can surf the web and IM chat with your friends. Within this zone, all potentially threatening programs and files remain isolated from your personal files and your PC’s operating system and your personal and private information (especially when you are doing Internet banking) stay in a separated trusted environment.

Download BufferZone Pro and install it in your Windows computer.

There’s almost zero configuration required. Once you are done with the installation, BufferZone Pro will scan our system for software that access the Internet. When you open your browser or any other app, you will see a big red border around it, which means the session is being sandboxed and protected.

When you open the BufferZone dashboard while you are surfing, you can see the number of activities it is monitoring and the number of privacy and system threats prevented.

If there is a program that is not protected by BufferZone, you can also manually add it into the virtual zone.

Other features include creating a snapshot of your current virtual zone and the ability to restore from it in the future. You can also hide confidential files so it won’t be detectable on the web.

Personally, I have tried BufferZone Pro and I am surprise that it doesn’t affect the speed of browsing, nor does it slow down the system. Other than the big red border (which is rather ugly) that signifies its existence, everything run as per normal, except with the added security.

Even if you already have the best anti-virus suite around, it doesn’t hurt to install an extra layer of security to protect yourself and your computer. Give BufferZone a try, especially if you are a system administrator or technician.

BufferZone Pro

Image credit: CarbonNYC

Of course the safest option would be to avoid transmitting private data such as passwords, PINs, and bank account numbers over the internet; but there are times of urgency when sharing this information online cannot be avoided. For these times, CloudSafe is the best tool to use.

Introduction

CloudSafe is a brilliant web service that helps share sensitive data online. The site lets you upload any type of file and encrypts it using AES 256. You can then optionally grant your contacts access to your encrypted files. The way CloudSafe executes this process is what sets it apart from similar websites.

Functioning and Usage

To put it succinctly, CloudSafe creates virtual safes in the cloud i.e. on the internet. As a CloudSafe user you can create virtual safes that hold the encrypted files you upload. These safes have variable levels of access that give you a great control over how and with whom the safe’s contents are shared.

For each new safe you create, you can enter a name, description, and brief note. In the same stage that you enter this information, you can upload files from your computer to the safe. To ensure no additional files are mistakenly uploaded, the site does not support batch-uploads.

With your virtual safe created you can specify the type of access your contacts have to the safe. The different types of access include the ability to read and write data, a dual-permission procedure that requires 2 people to have each other’s permission to view the data, and a confirmation procedure that lets a person access the safe only after obtaining permission from another person.

These variable levels of access ensure that you have full control over the safe’s contents. They let you be precise when it comes to deciding who you share the data with and to what extent.

The people you share your safes with must be CloudSafe users. In case they are not CloudSafe users, an invitation email is sent to them. The notification of sharing your safe can be accompanied by a custom message that you choose to elaborate what you are sharing.

CloudSafe users to whom you have granted access, can view the safe and easily access its contents.

Your contacts can also view the level of access they have for your safes.

The contents are displayed in a user-friendly manner with the size and date of each file displayed. Users can download a file simply by clicking on its title.

Other ways of sharing your safe’s contents are by setting an access code or by enabling a feature called “WebDAV.” With WebDAV you can temporarily allow people not on CloudSafe to access your safe’s contents. WebDAV provides a URL to your safe along with a secure username and password to access the contained files.

People not on CloudSafe will be able to view your safe’s contents only after you share the public URL along with the WebDAV username and password. You can disable WebDAV anytime and revoke the access you had granted.

Pricing

The free account offered by CloudSafe allows a maximum of 3 safes with a total storage capacity of 1 GB. If at any time you require more safes or a greater storage, you can opt for the site’s premium services.

Conclusion

CloudSafe provides a valuable service to all of its users. Previously you had to avoid transmitting sensitive data online; but with CloudSafe you can save a ton of time by sharing files securely through encryption. Whether you need to share sensitive files for personal or business use, CloudSafe will serve perfectly.

You can visit CloudSafe over here.

Setup 2-Step Verification

1. Navigate to your Google settings page.

2. Click on “Using 2-step verification”. This is under the Security section of the Personal Settings column.

3. Enter your Google Account password.

4. Confirm that you would like to use the 2-step verification process. This is an important step and you must read it carefully before carrying on with the rest of the process.

Essentially, the 2-step verification process requires you to enter two pieces of information before you can access your account. Firstly, you must enter your standard Google password. Secondly, a verification code will be sent to your phone which you must also enter.

Setting up 2-step verification means that hackers will be unable to access your account if they only have your password or phone. However, it also means that you would always need to have your phone at hand whenever you want to login to your Google Account.

5. The first step in setting up 2-step verification requires you to enter the model of your phone. Since I have an Android-based smartphone I select “Android“.

6. Next, you must download and install the Google Authenticator app from the Android Market. When you have downloaded and installed the app click Next.

7. Now you are given two options to configure Google Authenticator.

Firstly, you can simply use your phone to scan the QR code displayed on screen.

To do this, click on “Scan account barcode” in the Google Authenticator app on your Android phone, and hold the phone up to the barcode displayed in your browser.

If for some reason you are unable to do this, select  “Manually add account” in the Google Authenticator app. Next, you will be prompted to enter you full email address and your secret “key“.

The secret key can be obtained from the page where you choose your phone model.

Finally, select “Time-based” key and hit “Save“.

Whichever way you choose to use to add your account a verification code will appear on your Android phone in the Google Authenticator app.

Take note of this number and hit Next in your browser.

8. On the next page enter the verification code from above. Once the code is verified and the device is configured, click Next.

9. Your phone is now configured. But, wait! What happens if your phone is lost or stolen? In order to prepare for this contingency Google allows you to add backup options for receiving verification codes. Click Next to set up these backup options.

The first backup option gives you a set of printable codes that can be substituted for the verification code. These ought to be printed and stored in a safe location. Click Next once you have printed out the codes.

Secondly, you can add a mobile or landline number of a trusted friend. Test this number to ensure that the verification code can be received on this device. Click Next once you have configured the phone number.

10. Finally, hit “Turn on 2-step verification” to activate this feature.

Now, whenever you sign into a Google service (such as Gmail) you will be prompted to enter a verification code. You must use the Google Authenticator app on your Android phone to obtain a verification code (NB: the code changes every few seconds). You can also ensure that the device you are currently using remembers the verification for the next 30 days.

Setup Application-Specific Passwords

2-Step verification will now work with your Google Account, however some applications will require a specific password as they do not support the verification code feature. Do the following to set up application-specific passwords:

1. After signing in for the first time you will be informed that you must create application specific passwords to ensure these work with the 2-step verification process. Click “Create passwords” to proceed.

2. On the next page you will see a list of apps you have given access to your account. Below, you can name the app you wish to create a new app specific password for.

3. Hit “Generate password” to see your newly created password.

4. You must now enter this password into that specific app before it works with your Google Account.

De-Activating 2-Step Verification

To de-active 2-step verification, simply navigate to the 2-step verification management page and select “Turn off 2-step verification…“.

In this tutorial, you will learn how to protect your system from an untrusted software.

1. Use your Antivirus

This may sound pretty obvious, but it is surprising that many people are not fully utilizing it. Some malware are known to prevent antivirus from running properly, so before you install anything, it is best to scan the file before running it.

This check is not going to take more than 1 minute and it is definitely worth your effort. If you don’t have any antivirus suite yet, Microsoft Security Essential is a good choice.

2. Check Digital Signatures

Some files include a signature to provide information about the developers who created the file. Virus and malware programs don’t usually include this information. We can easily check a file for its signature and discard those suspicious software that don’t come with one.

Right click on any file. Select “Properties”:

If the program include signatures information, you will see a new tab:

In this case we see that is signed by “RealVnc Limited“.

Note: Not all valid programs are signed, but at least you can eliminate the probability of a virus if the program include digital signature information.

3. Create A Restore Point

Every time you are going to make something risky with your computer, make sure you create a restore point. This applies to installing of a new antivirus suite or a new driver as well. Having a restore point allows you to restore the system back to an earlier time before the changes are made. Here is the way to create a restore point:

Using the search function in windows 7 type “create restore point” and select the program:

Go to the “Create” button:

Now the system will ask for a name for that restore point and create it. Select a descriptive name so you can find it easily.

4. Create A Standard User

Windows 7 creates its first user with administration rights. This user has the permission to do almost everything in your computer. It is a really good practice to never use your admin account for normal use of the computer. The best way is to create a standard user for your everyday use.

Go the search function type “user accounts” and press Enter:

Select “Create a new account“:

Type a name for the user, remember to check “Standard user” and click over “Create account“:

5. Restrict Access To Internet

Many viruses use Internet to look for updates. Other kind of malware, such as keyloggers, send every key you type to Internet. So if you don’t trust a program, you should block its access to the web.

Search for “windows firewall advanced“.

Goto “Outbound Rules” and select “New Rule…“:

In this case we are going to block a normal program, so select this option and press next:

Select “Block the connection” and press next:

Now you are done.

Note: If you are testing out a software, you can also use Windows XP Mode for Windows 7 or a virtual machine using Virtual Box to prevent any changes to your system.

Do you use any other security tips in your computer?

Before you went into a frenzy state, there are ways that you can use to protect yourself from being hacked.

Use a VPN on unsecured networks

Of course, the best practice is to stay off open unsecured network. But if you are urgently in need of an Internet connection and the nearest Starbucks is the only way you can get connected, you might want to consider using a VPN.

There are plenty of VPN service out there, mostly will cost you a small monthly fee. Those looking for free VPN service can check out IBVPN who give out free VPN accounts on a monthly basis.

Use Firesheperd on Windows

Update: The developer of Firesheep has feedback that this Firesheperd software might do more harm than good. Use it at your own risk.

If you are using Windows, you can also use the FireShepherd to block FireSheep. What it does is to make use of an exploit in FireSheep and floods the nearby wireless network with packets designed to turn off FireSheep. This will effectively shutting down nearby FireSheep programs every 0.5 sec or so.

Firefox

If you are a Firefox user, install the BlackSheep extension. What it does is to detect the presence of Firesheep (using fake session ID) and warn you about it. It does not protect you from being hacked, but at least it alerts you to the vulnerabilities of your connection.

In addition, you can force the Firefox to use SSL connection (whenever it is possible) using the HTTPS Everywhere extension.

Sites such as Facebook, Twitter, PayPal have support for encryption over HTTPS, but most of them only enable it for the login page. For example, after you have logged in to Facebook, you will be redirected to the unencrypted HTTP page. The HTTPS Everywhere extension fixes these problems by rewriting all requests to these sites to HTTPS.

Google Chrome

Blacksheep is not available for Google Chrome yet, and the closest you can get to HTTP Everywhere is the KB SSL Enforcer extension.

Similarly, this extension redirects the user to HTTPS page whenever is possible. While it is not completely secure against the infamous Firesheep, it does minimize the risk greatly.

Gmail/Hotmail

Gmail has already default all its connection to use HTTPS, but it never hurt to double-check. In your Gmail account, go to “Settings -> Accounts”. Scroll down till you find the “Browser connection” option. Make sure that “Always use HTTPS” is checked.

In Hotmail, you can also enable HTTPS by going to your Windows Live account and select the option “use HTTPS automatically“.

There are plenty of ways that you can use to protect yourself and the above mentioned is only a small list. How do you protect yourself from FireSheep? Or you don’t really care at all?

Image credit: Sultry