security

And the most security-riddled program of 2012 was….

Dave Farquhar security , , , , , , , ,
Secunia released its annual vulnerability review, a study of the 50 most vulnerable pieces of software in 2012. It was a fairly tight-three way race at the top, and the distance between #3 and #4 was huge.

I was actually surprised at who the top three were. They weren’t the three usual suspects. But in the case of the top two, they did, to their credit, roll out fixes within 30 days of disclosure.

So now that I’m killing you with suspense….
Read more

Some computer maintenance for the upcoming family get-togethers

Dave Farquhar security , , , , , , , ,

If you’re like me and do some computer maintenance for families during holiday weekends, the time to plan Easter computer maintenance is now.

Here’s some stuff I recommend doing to keep your non-computer-enthusiast relatives’ systems running smoothly. Be sure to bring your own laptop along, just in case. If a computer is too broken to get online or to get online safely, nothing beats a working system for downloading the stuff you need to fix it. Read more

Bitdefender 60-second virus scan: a review

Dave Farquhar security , , , , , ,

I mentioned Bitdefender 60-second virus scan the other day, but didn’t give it a proper review. It’s time I remedy that.

It’s a small 160K stub that downloads a few more megabytes worth of stuff after you run it. Unlike most other free antivirus apps, this one is intended to be secondary–a marketing tool to show you what your primary antivirus isn’t catching that Bitdefender would, I suppose. But I think it’s useful as a second line of defense, and recommend using it as such.

Read more

The men (boys) who spy on women through webcams

Dave Farquhar security , , , , , , , , , , , , ,

Ars Technica made a bit of a splash this week with this provocative headline. This is real.

The article gives the usual advice, like not opening e-mail from strangers, not clicking attachments from strangers, and not visiting dodgy websites. That’s all good advice, as is staying off torrent and other file sharing sites, but even all that is not enough.
Read more

Here’s a nice Linux tool: checkrestart

Dave Farquhar security , , , , ,

Tom Gatermann told me about a nice tool for Debian (and presumably Ubuntu) called checkrestart. Sometimes, even though you did an apt-get update and apt-get upgrade to bring your system up to date, you can still be running the out-of-date version of something. That’s the problem checkrestart helps you solve.

Read more

How to pick a decent password

Dave Farquhar security , , , ,

Although I write about passwords about 8 times a week, it seems, it occurs to me that I haven’t–at least not recently, that I can find–written about how to make up a halfway decent password.

So, here’s how to make a decent–I won’t say great–password.

Read more

Java’s been updated again. For the fifth time this year.

Dave Farquhar security

Seriously, Java and Flash and Acrobat have been updated so many times this year, you could almost make a drinking game out of it. Java is on update number five for the year, and it’s only the first week of March.

Of course, if you uninstalled Java, you don’t have to worry about 0-day vulnerabilities or the patches that come afterward to prevent them. If you installed Secunia PST, you don’t have to worry about the updates; they come down automatically. The ideal thing is to do both.

An SSD data loss issue–and how to prevent it

Dave Farquhar Hardware, security , , , , , , , ,
An SSD data loss issue–and how to prevent it

Longtime reader Dan Bowman–probably my very first reader, come to think of it–sent in this article from Infoworld regarding SSDs and data loss in power failure.

It’s not theoretical. I’ve seen it. I also know how to prevent it.

Read more

Avast 8 is out and already well-regarded

Dave Farquhar security , , , , ,
Avast 8 is out, and the initial reviews are positive.

If you use Avast, either as your primary or as your secondary AV, updating it is a good idea. One critical improvement is that virus database updates happen more frequently now. There’s no such thing as too frequently when it comes to database updates.

Use Secunia PSI to keep all your programs up to date with minimal effort

Dave Farquhar security, Windows , ,

Did you know Adobe released three Flash updates this month? And that every last one of them was absolutely, positively necessary? (At the time. They’re cumulative.) Seriously, you need a computer to keep track of all this stuff.

Secunia PSI is a free program to keep track of these updates and pull them down and install them for you. I’ve written about it before, but not in any depth. I downloaded it to a machine that didn’t have it, and it scanned my system, found four out-of-date programs–it knows about 3,000 pieces of software–and updated three of the four without me doing anything at all. It’s dead simple. Download it, install it, accept the defaults, and let it run. If you can’t get by without the four horsemen of the security apocalypse (Quicktime, Flash, Acrobat, and Java), at least Secunia PSI will ensure you’re running the least insecure–I’m not calling any of those security nightmares any word that would suggest they’re good–version of each.

If you’re running Windows, go download it and install it, please. It’s not a substitute for antivirus software, but it’s a tool that can close the security holes that antivirus software can’t protect you against. Really, you probably need both.