How to make your online banking more secure

If you want to make your online banking more secure, I have a tip for you.

Due to the increasing amount of malware targeting bank accounts, it’s not a bad idea to dedicate a computer to online banking and only online banking. Of course, who wants to dedicate an expensive computer to that task?

You don’t have to. You can buy a $120 refurbished Chromebook to use. If you don’t want to spend any money but have a seldom-used computer still hanging around that isn’t good for much, load Linux Mint on it and use it exclusively for banking. My experience with Mint on an old netbook has been rather good. Linux Mint is, if anything, easier to get up and running than Windows.

Read more

Google’s migrating corporate apps to the cloud is less crazy than it sounds

Google is moving its corporate applications to the Internet. A year ago I would have said that’s the dumbest thing I ever heard. Today I’m not so sure.

Sticking stuff in the cloud is the popular answer to everything these days, and I just see the cloud as the new mainframe. It’s not a solution so much as a different take on the same problem, and while I see a couple of potential disadvantages, believe it or not I see some real advantages to the approach as well.

Read more

Why you need to be planning for Windows 10

A longtime friend asked me at church on Sunday about Windows 10. My answer was fairly succinct: Windows 7 has five years left in it, so we’ll probably all end up running it at some point.

Microsoft made a number of announcements last week, so here’s what you need to know about it.

Read more

The browser tradeoff

I probably ought to know better than the venture into the topic of web browsers by now, but since I stepped into it Friday, I guess there’s no point in staying in the shallow end.

The problem with web browsers is that they all require you to trade one thing for another, and if anything, that’s more true today than it ever has been before. Read more

What I did for Mother’s Day

Last month, Rapid7’s Trey Ford appealed to security professionals:

You have an opportunity to be an ambassador. When you see XP out there, have an adult conversation, educate in terms that others will appreciate. Your actions and words reflect on the entire community.

As the family CIO/CSO – look for the smart investment. There are options that will make your life easier. A small investment is a lot easier to stomach than compromised shopping/banking/credit card credentials (or identity theft.)

Read more

Microsoft was wrong whether it patched XP this time or let it burn

Years ago I heard a joke that reminds me of the situation Microsoft found itself in last week with its latest IE vulnerability:

If a man is alone in a forest, and there’s no woman there to hear him, is he still wrong?

I was as shocked as anyone when Microsoft released just one last Internet Explorer patch for Windows XP on May 1. I can argue either side of the issue, but I don’t think I can argue either side convincingly enough to get a simple 50.1% majority of people to agree with me, because I’m not sure I can argue either side of the issue convincingly enough that Iwould agree with myself.

I think it’s important that 26% of all web traffic is still coming from Windows XP today, nearly three weeks after it went end of life. That likely played into the decision. Microsoft was in a no-win situation here, and they had to decide whether they wanted to lose 1-0 or 24-1. So I don’t think it matters all that much, but here are the pros and cons of each side, as I see them. Read more

IE gets patched and XP gets a reprieve

In case you haven’t heard, Microsoft released an emergency patch yesterday afternoon for the bad Internet Explorer bug that prompted the Department of Homeland Security to tell everyone not to use IE until further notice. That was no surprise, given the amount of publicity behind this bug.

What was a surprise was that they went ahead and released the patch for Windows XP as well. So, unless something really weird happens, the very last patch for Windows XP is MS14-021, issued 1 May 2014.

If you run Windows and your PC didn’t tell you this morning it applied updates automatically, go to Automatic Updates in Control Panel and download the fix.

Upgrading a D-Link DIR-615 to DD-WRT

Last year I bought my mother in law a D-Link router, an oddball DIR-615 revision E1 that was only sold at a few stores. It was supposed to be a Fry’s exclusive, but I bought hers at Micro Center. It worked for a while, then gave her trouble, so this year I was working with it again, and when I was setting it up, I noticed it had some security vulnerabilities–remote code execution, UPnP vulnerabilities, and who knows what else.  So that got me some practice upgrading a D-Link DIR-615 to DD-WRT.

DD-WRT’s track record and attitude towards security research could be better, but I’d rather trust my mother in law to DD-WRT’s B+ security than D-Link’s F.

Read more

How to take a screen capture of a web site in Windows

I can’t imagine needing to take a screen capture of a web site terribly often, but I have had to do it a few times in the past year. I used Snagit to do it, and it didn’t always do the best job–sometimes the program would crash, or the CPU would race and I would have to resort to ctrl-alt-del to get things back to normal–and not get my screen capture.

IE Capt is a small, standalone utility to do just that. Feed it the URL you want to capture, and it uses Internet Explorer’s Trident engine to render the page and outputs it to an image file for you. If you’re comfortable with the command line, it’s a faster, easier way to get your screen capture. And it’s free, which doesn’t hurt either.

WordPress Appliance - Powered by TurnKey Linux