antivirus

The ACLU has a point about smartphone security

Dave Farquhar Android, security , , , , , , , , , ,

The ACLU complained to the FTC that carriers aren’t patching vulnerable Android phones. They have a point.

Phones are profitable, and the carriers are trying to have it both ways. Read more

Some computer maintenance for the upcoming family get-togethers

Dave Farquhar security , , , , , , , ,

If you’re like me and do some computer maintenance for families during holiday weekends, the time to plan Easter computer maintenance is now.

Here’s some stuff I recommend doing to keep your non-computer-enthusiast relatives’ systems running smoothly. Be sure to bring your own laptop along, just in case. If a computer is too broken to get online or to get online safely, nothing beats a working system for downloading the stuff you need to fix it. Read more

Bitdefender 60-second virus scan: a review

Dave Farquhar security , , , , , ,

I mentioned Bitdefender 60-second virus scan the other day, but didn’t give it a proper review. It’s time I remedy that.

It’s a small 160K stub that downloads a few more megabytes worth of stuff after you run it. Unlike most other free antivirus apps, this one is intended to be secondary–a marketing tool to show you what your primary antivirus isn’t catching that Bitdefender would, I suppose. But I think it’s useful as a second line of defense, and recommend using it as such.

Read more

The men (boys) who spy on women through webcams

Dave Farquhar security , , , , , , , , , , , , ,

Ars Technica made a bit of a splash this week with this provocative headline. This is real.

The article gives the usual advice, like not opening e-mail from strangers, not clicking attachments from strangers, and not visiting dodgy websites. That’s all good advice, as is staying off torrent and other file sharing sites, but even all that is not enough.
Read more

The faceless enemy

Dave Farquhar Uncategorized ,

I read a surprising story today that shows what happens when you remember the people you disagree with are human, too. This is the story of an incident that happened during World War II, over Germany.

From CNN:

The pilot glanced outside his cockpit and froze. He blinked hard and looked again, hoping it was just a mirage. But his co-pilot stared at the same horrible vision… a gray German Messerschmitt fighter hovering just three feet off their wingtip. It was five days before Christmas 1943, and the fighter had closed in on their crippled American B-17 bomber for the kill.

The B-17 pilot, Charles Brown, was a 21-year-old West Virginia farm boy on his first combat mission. His bomber had been shot to pieces by swarming fighters, and his plane was alone in the skies above Germany. Half his crew was wounded, and the tail gunner was dead, his blood frozen in icicles over the machine guns.

But when Brown and his co-pilot, Spencer “Pinky” Luke, looked at the fighter pilot again, something odd happened. The German didn’t pull the trigger. He nodded at Brown instead… [He] began flying in formation so German anti-aircraft gunners on the ground wouldn’t shoot down the slow-moving bomber. (The Luftwaffe had B-17s of its own, shot down and rebuilt for secret missions and training.) Stigler escorted the bomber over the North Sea and took one last look at the American pilot. Then he saluted him, peeled his fighter away and returned to Germany.

Read more

Avast 8 is out and already well-regarded

Dave Farquhar security , , , , ,
Avast 8 is out, and the initial reviews are positive.

If you use Avast, either as your primary or as your secondary AV, updating it is a good idea. One critical improvement is that virus database updates happen more frequently now. There’s no such thing as too frequently when it comes to database updates.

Use Secunia PSI to keep all your programs up to date with minimal effort

Dave Farquhar security, Windows , ,

Did you know Adobe released three Flash updates this month? And that every last one of them was absolutely, positively necessary? (At the time. They’re cumulative.) Seriously, you need a computer to keep track of all this stuff.

Secunia PSI is a free program to keep track of these updates and pull them down and install them for you. I’ve written about it before, but not in any depth. I downloaded it to a machine that didn’t have it, and it scanned my system, found four out-of-date programs–it knows about 3,000 pieces of software–and updated three of the four without me doing anything at all. It’s dead simple. Download it, install it, accept the defaults, and let it run. If you can’t get by without the four horsemen of the security apocalypse (Quicktime, Flash, Acrobat, and Java), at least Secunia PSI will ensure you’re running the least insecure–I’m not calling any of those security nightmares any word that would suggest they’re good–version of each.

If you’re running Windows, go download it and install it, please. It’s not a substitute for antivirus software, but it’s a tool that can close the security holes that antivirus software can’t protect you against. Really, you probably need both.

How to save money on tech

Dave Farquhar Saving money , , , , , , , , , , , , , , , ,

CNN offered up some good tips on saving money on tech. But of course I want to analyze and comment on it myself. Anything else would be out of character. Here’s how I save money on tech.

Read more

How to get your first job in IT

Dave Farquhar Careers , , , , , ,

I helped a friend of a former coworker with his resume this week. He’s looking to get their first jobs in IT, and found it difficult, even though he was applying for an entry-level helpdesk position.

His resume certainly indicated he was educated and able to hold down a job, but that wasn’t quite enough. Here’s what I had him do to beef up that resume to get past those initial rounds of screening and get interviewed.

Read more

Java is patched now, but still not very safe

Dave Farquhar security , , ,

Rapid7’s Chief Security Officer, HD Moore, estimated it will take two years for Oracle to fix all of the current issues with Java, not counting anything new that happens in that timeframe.

Futhermore, Kaspersky states that 50% of cyberattacks in 2012 utilized a Java exploit. Among those is the newly discovered Red October.

Think for a minute. Antivirus software is anywhere from 75 to 90% effective. Assuming the worst, that means the simple process of removing Java from your computer does 2/3 as much good as running antivirus software. Of course, you shouldn’t do one or the other; you should do both.

If you have a legitimate need for Java in your web browser, such as commercial intranet applications built with Java, enable Java in one and only one browser, then use that browser solely for accessing those Java-powered web sites.

But the best thing to do is just get rid of Java. And if you have something that uses Java, find something else to use.

It took Microsoft about two weeks to fix a critical vulnerability in Internet Explorer. It took Oracle five months. I never thought I’d say this, but Oracle needs to be more like Microsoft.

Yeah, you can quote me on that if you want.

But until Oracle gets religion on security like Microsoft did around 2002, we really have two choices: Avoid Oracle products whenever practical, or keep getting hacked. I’d rather you not choose the latter option.