Migrate Windows 7 to SSD or install fresh?

Here’s a good question. Should you migrate Windows 7 to SSD or install fresh? And what about Windows 10? This is likely to be controversial and everyone has an opinion. I’ll weigh the pros and cons of each, as a guy who knows  a little about optimizing Windows, and who has been using SSDs since 2009.

Read more

Optimize Windows 10 for better performance

Optimize Windows 10 for better performance

When I first installed it, I thought it was pretty pointless to try to optimize Windows 10. Of course, I installed it from scratch on a computer with an SSD and 16 gigs of RAM. Then I upgraded a couple of computers from Windows 7 to Windows 10, and I started to see why some people might not like Windows 10 all that much.

Upgraded systems almost always run slow, but I’d forgotten how much slower. And while you didn’t have to do much to Windows 7 to make it fast–that’s one reason people liked it–I find some Windows 10 optimization seems to be necessary.
Read more

A scammer called me a fraud

A scammer called me a fraud

Someone I know got a tech support scam popup that said their computer was being hacked. I said to bring the computer over. I wanted to see it.

I found the malicious site in the browser history–I’ll tell you how to do that after I finish my story–and pulled the page back up. The computer played an MP3 file with a scary-sounding message and urged me to call an 888 number. So I called. I got voicemail. I left a message.

Read more

Double-check your security with Qualys Browser Check

Double-check your security with Qualys Browser Check

In the past, I’ve recommended Secunia PSI as a way to keep your systems up to date. I know from my own experience that it helps, but I also know it doesn’t work 100 percent of the time.

When it comes to security, nothing is more critical than making sure your updates are applying correctly. That’s where my employer comes in, with Qualys Browser Check.

Read more

Recommended DD-WRT settings

Recommended DD-WRT settings

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

Read more

The workstation events you want to be logging in Splunk

Every once in a while the NSA or another government agency releases a whitepaper with a lot of really good security advice. This paper on spotting adversaries with Windows event logs is a fantastic example. It’s vendor-neutral, just talking about Windows logs and how to set up event forwarding, so you can use the advice with any log aggregation system or SEIM. I just happen to use and recommend Splunk. But whatever you use, these are the workstation events you want to be logging.

I want to call your attention to a couple of items in the paper. Most breaches begin on workstations, and this paper has the cure.

Read more

How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.

Read more

The new firewall

Monthly patches and upgrades don’t always go well, but getting them down is increasingly critical, especially for applications like Flash, Reader, and the major web browsers. This week I called it “the new firewall.”

Twenty years ago, home users almost never bothered with firewalls. My first employer didn’t bother with them either. That changed in the late 1990s, when worms exploiting weaknesses in Microsoft software devastated the nascent Internet. Firewalls soon became commonplace, along with some unfortunate hyperbole that led some people to believe firewalls make you invisible and invincible, a myth that persists in some circles even today.

For this reason I’m a bit hesitant to declare anything a new firewall, but firewalls are necessary. So is protecting key software.
Read more

WordPress Appliance - Powered by TurnKey Linux