firewall

Consumer routers are the security vulnerability of the year, so far

Dave Farquhar security, Servers and Networking , , , , , , ,

Today I found an article in PC World that gives a somber assessment of the state of consumer routers, like the device that probably sits between you and the Internet.

I’m glad this is getting attention. There’s a lot more to it than what’s in the PC World article, but I’ve droned enough about what’s bad about consumer routers. It’s bad now, and it’s going to get worse before it gets better. Kudos to PC World for providing a bit of an action plan.

What if you want to go beyond what PC World is talking about? I’m glad both of you asked. Read more

Things to do for your relatives’ computers this Christmas

Dave Farquhar security , , , , , , , , , , ,

I wish I’d posted this last week, since many of us see one set of relatives at Thanksgiving and a different set at Christmas (and perhaps New Year’s). Here are things you can do as preventative maintenance for relatives whose computers could use a little help. Read more

Rooting: Just do it.

Dave Farquhar Android , ,

Rooting is a confusing term to Android newcomers, but it’s really simple: It’s gaining administrative rights, just like you have on a Windows PC. It’s nothing particularly nefarious.

The difference is that it’s not quite as straightforward with Android. Read more

The outbound firewall controversy

Dave Farquhar security ,

So, do you need an outbound firewall? Two people say no.

I agree but I disagree. I like the idea behind an outbound firewall, but in practice, I find they don’t work. The human element makes them fail. Whenever a computer asks for permission to do something, people generally fall into two camps: People who say yes all the time, and people who say no all the time. With the people who say yes all the time, the malware gets to do whatever it wanted anyway, so the firewall fails to do its job. With the people who say no all the time (Why does Internet Explorer want to connect to the Internet?), nothing works.

Ultimately, the argument against them is that if you don’t trust a piece of software to connect to the Internet, you shouldn’t have that software on your computer at all. I agree completely with that argument. Only install trusted software that you get from trusted sources, learn how to check the MD5 or SHA1 signatures to ensure the software is what it says it is, and then and only then install it.

A firewall is one of the most basic of security tools. You need one to protect yourself against basic threats. Not having one is negligent. But trying to turn that firewall into something other than a basic tool–something it’s not–generally isn’t going to get you very far. A firewall with training wheels on it isn’t a substitute for security awareness.

And here’s the thing. The Windows built-in firewall does block certain outbound connections, mostly on antiquated ports that are generally used for malware more frequently than for legitimate purposes anymore. It just doesn’t jump up and down and tell you that it’s doing it. It just quietly does its job, which is exactly what you want your firewall to do.

The trouble with routers

Dave Farquhar Hardware, security , , , , , , , , ,

I see the advice going around, again, to disable the Windows firewall and rely on an external router, the justification being that it makes your computer “invisible.” It doesn’t. Only IPV6 can do that–and then, only if you don’t use it for anything.

The trouble with that advice is that there are botnets targeting routers. Routers are nothing special; they’re small computers running Linux on an ARM or MIPS CPU, typically outdated versions with old vulnerabilities that can be exploited by someone who knows what to look for. One example of this is the Aidra botnet. Typically Aidra is used to attack outside targets, but it’s not outside the realm of possibility for an infected router to turn on and attack the machines it’s supposed to protect. And if you’ve turned off your firewall, then you have no protection against that.
Read more

More thoughts on the $150 Hisense Sero 7 Pro tablet

Dave Farquhar Android , , , , , ,

Steve Aubrey wrote in with a link to a useful site dedicated to the Hisense Sero 7. It collects all the useful information that’s surfaced from xda-developers and other sites, including custom ROMs, rooting instructions, and where to get accessories.

He asked if I recommend rooting. The short answer: Yes, if you know what you’re doing. If you’re willing to read the prompts when an app requests root access and understand what it’s asking for, then sure. If you just blindly click yes to everything, then no, by all means, leave the tablet stock.

But if you know what you’re doing, one nice thing you can do is install a firewall, so a rooted Android tablet can be safer than an unrooted one. Have fun wrapping your head around that slice of counter-intuitiveness.

Let’s talk about my impressions of the tablet itself.

Read more

“Computer Maintenance Department” called me again from India

Dave Farquhar scams, security , , , , , , ,

So, “Peggy” from “Computer Maintenance Department” called me again last night. This time I decided to mess with him a bit more. This is the second time.

(No, “Peggy” wasn’t his real name, nor did he identify himself as “Peggy,” but that’s the name I’ll use, thanks to that old Discover commercial.)

Read more

How to find tech talent hiding under your nose

Dave Farquhar Uncategorized , , ,

Sometimes the best place to look for new talent is inside the team you already have, writes Infoworld’s Dan Tynan. Then he gives seven ways to find them.

Read more

Some computer maintenance for the upcoming family get-togethers

Dave Farquhar security , , , , , , , ,

If you’re like me and do some computer maintenance for families during holiday weekends, the time to plan Easter computer maintenance is now.

Here’s some stuff I recommend doing to keep your non-computer-enthusiast relatives’ systems running smoothly. Be sure to bring your own laptop along, just in case. If a computer is too broken to get online or to get online safely, nothing beats a working system for downloading the stuff you need to fix it. Read more

Bitdefender 60-second virus scan: a review

Dave Farquhar security , , , , , ,

I mentioned Bitdefender 60-second virus scan the other day, but didn’t give it a proper review. It’s time I remedy that.

It’s a small 160K stub that downloads a few more megabytes worth of stuff after you run it. Unlike most other free antivirus apps, this one is intended to be secondary–a marketing tool to show you what your primary antivirus isn’t catching that Bitdefender would, I suppose. But I think it’s useful as a second line of defense, and recommend using it as such.

Read more