security

Get defense in depth with antivirus by installing Avast as a secondary scanner

Dave Farquhar security , , ,

Two antivirus programs on one system? Heresy, right?

Well, not if one is designed to play second fiddle. As it turns out, Avast, one of the best free antivirus programs, can do just that. Just download it, run the installer, and pick the second option–“Compatible install – install as the second line of defense.” Be sure to de-select the option to install Google Chrome and make it your default browser, unless you want that. Free programs often come with ridealongs.

Read more

8-character passwords are obsolete

Dave Farquhar security , ,

In case you missed it, a researcher has built a system that can crack every possible 8-character password in less than six hours. 8-character passwords are obsolete.

If he’s got it, so do the bad guys. Read more

Workable two-factor authentication

Dave Farquhar security , , , , , , ,

I’m several months late to this party, but I just saw Marcel’s post on Google’s two-factor authentication with a smartphone.

He’s right. It works until someone steals your phone. Once someone steals your phone, you’re in a world of hurt. It’s just a compromise, until we find a way to do two-factor authentication the right way.

The right way is with a smartcard, issued by some sort of central authority. Read more

Ars Technica: 64-bit Firefox on Windows needs to be a priority

Dave Farquhar security, Software , ,

Ars Technica said yesterday that Mozilla needs to make 64-bit Firefox on Windows a high priority. I agree with this completely. With web browsers, you can’t have too much security, and Firefox on Windows is a big target.
Read more

Reduce your RAID failure rate

Dave Farquhar Hardware, security , , , ,

It’s not often that you end up talking about computer hardware at church. It’s especially not often that you end up talking about a RAID failure at church. But one such conversation got me thinking again about ways to reduce RAID failure rate.

This past Sunday, I talked with the executive director, who told me five of the drives in the 8-drive RAID array failed all at once. “That’s not supposed to happen,” he said.

It isn’t. But I know why it did.

Read more

Dvorak is wrong about the cyber war

Dave Farquhar security , , , , , , , , ,

So John C Dvorak (I’ll call him John Dvorak because he hates it–John Dvorak John Dvorak John Dvorak) says that cyber warfare, like Y2K, is a bunch of hooey.

I lived through Y2K, and I’m fighting the cyber war. He’s wrong on both counts. Read more

How to encrypt PDF files for free

Dave Farquhar security , , ,

Yesterday I wrote about the importance of encrypting documents before you send them via e-mail. But what if you don’t have a PDF creator, other than Microsoft Office or Open/Libre Office?

It turns out you can encrypt PDF documents, including those you create with office software, for free–with caveats.

Read more

How to send banking documents securely over e-mail

Dave Farquhar security , , ,

When you’re getting a loan, sometimes you have to send documents like bank statements electronically. If you want the money in those bank accounts to actually stay there, you need to protect those documents before you send them.

There are three relatively easy ways to do it, depending on what software you and the person on the other end have.

Read more

Scratch one fake antivirus vendor

Dave Farquhar security ,

The FTC appears to have sued the makers of XP Antivirus, among others, out of business–to the tune of $163 million.

There will be no tears from me.

Read more

CISSP vs. CASP vs. CEH

Dave Farquhar security , , , , , , ,

One of my coworkers invited me to watch a webinar with him today that promised to compare CompTIA’s new high-end certification with the CISSP.

I was skeptical at first, especially when I heard it was an 80-question, 150-minute test. But by the end, I mostly liked what I heard.

Read more