You know? I get friends & family asking all the time about how their personal devices should be secured, especially since Ransomware has been hitting the headlines. Now, I’ve got my personal devices tied down pretty well, but it’s not like all the things I do are what I’d want my dad trying to configure. I love him to death, but it wouldn’t serve our healthy relationship if I became his PC Support Line. The good Lord knows I tried, & it just didn’t work out well. You know what I mean.
And I figured that a lot of my InfoSec compadres are in much the same boat. You don’t want your second cousin’s brother-in-law’s hairdresser’s boyfriend calling your cell phone at 2 AM. So I thought you could link to this blog, save everyone some trouble & give a little back along the way. But, be forewarned… If I get a call from your second cousin’s brother-in-law’s hairdresser’s boyfriend at 2 AM, I’ll definitely be asking where they got my name & number.
This is mainly focused on Windows users. Maybe we’ll come up with a Mac version, but many of these apply to Mac users. So there’s that. Keep in mind that the quality of my information here is good only as of the day that I post it. If you’re reading this 6 months from now, the game has probably evolved. Remind me & I’ll update it.
In the spirit of David Letterman’s Top 10 lists, here’s what I would tell my dad he needs to get my nephew to do to his computer…
- Uninstall any & all Flash players!!! DO IT TODAY!!!!
- Automatically download & install Windows patches. (Don’t forget to reboot regularly.)
- Malwarebytes (free or paid) will do just about everything a typical home user needs to catch malware.
- Windows UAC settings on the highest or, at minimum, next-to-highest level (And don’t let anyone tell you this isn’t a big deal.)
- Symantec/McAfee/AVG/etc. (Lots of options here, but pay for extras & only use a brand name you recognize. Don’t do “free”.)
Note: Anti-virus isn’t the same as anti-malware. You want the email, privacy, & add-ons that these provide.
- Windows firewall turned ON
- Adblock/Adblock+/Ghost (I run all three; install one of them. Get it from the product’s webpage!)
- Chrome browser (3rd party cookies turned off)
- Stay off torrent sites.
- If you want to browse “anonymously”, then learn about the internals of VPNs/TOR/onion. Don’t you dare go here if you don’t understand the implications/consequences or why I put “anonymously” in quotes. There’s more than one reason they call it “The Dark Web”. You don’t play blindfolded with a wet paper bag of used needles in the middle of the freeway at midnight, so don’t play here unless you know what to do when you get pricked.
Bonus points for those a little more technically adept:
- Use OpenDNS (https://use.opendns.com)
- Adobe Acrobat & non-Windows apps require separate updates, so configure these to auto-update too.
- If you’re concerned about fit-bits, smart TVs, baby monitors, home automation, security cameras, etc… (https://www.getcujo.com)
- There are some good ransomware solutions coming down the pipeline. I don’t have a recommendation just yet, but stay tuned.
- Take advantage of “two factor authentication” for Google, Facebook, & Twitter. Spare yourself the embarrassing email to all your friends that you have been hacked & not to click on any links you sent out.
- You should consider using a “password manager”, but one of the biggest got hacked last week, so this one is kind of debatable right now. But no matter the case, you should ***NOT BE USING ANY*** passwords that you used before 2016!!!
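
A read-only way to check several of the Windows items on the lists above (firewall, UAC level, leftover Flash installs, automatic updates, time since last reboot). This is an added example, not the author's own script; the 14-day reboot threshold and the "Flash Player" name match are assumptions chosen for illustration.

```powershell
# Added example: read-only audit of a few checklist items. It changes nothing.
# Run in Windows PowerShell 5.1 or later.
$results = @()

# Windows Firewall: each profile (Domain, Private, Public) should be enabled.
foreach ($fw in Get-NetFirewallProfile) {
    $results += [pscustomobject]@{
        Check  = "Firewall ($($fw.Name))"
        Status = if ("$($fw.Enabled)" -eq 'True') { 'OK' } else { 'FIX: turned off' }
    }
}

# UAC slider position, read from the policy values Windows stores for it.
$uac = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uacStatus = if ($uac.EnableLUA -ne 1) {
    'FIX: UAC is disabled'
} elseif ($uac.ConsentPromptBehaviorAdmin -eq 2 -and $uac.PromptOnSecureDesktop -eq 1) {
    'OK: highest (always notify)'
} elseif ($uac.ConsentPromptBehaviorAdmin -eq 5 -and $uac.PromptOnSecureDesktop -eq 1) {
    'OK: next-to-highest (Windows default)'
} else {
    'FIX: below next-to-highest'
}
$results += [pscustomobject]@{ Check = 'UAC level'; Status = $uacStatus }

# Flash: look for an installed program whose name contains "Flash Player"
# (name pattern is an assumption; it will not catch every bundled copy).
$uninstallKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
$flash = Get-ItemProperty $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*Flash Player*' }
$results += [pscustomobject]@{
    Check  = 'Flash Player'
    Status = if ($flash) { "FIX: uninstall $($flash.DisplayName -join ', ')" } else { 'OK: not found' }
}

# Automatic updates: flag only the case where a policy has switched them off.
$au = Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' -ErrorAction SilentlyContinue
$results += [pscustomobject]@{
    Check  = 'Automatic updates'
    Status = if ($au.NoAutoUpdate -eq 1) { 'FIX: disabled by policy' } else { 'OK: not disabled by policy' }
}

# Reboot age: patches often finish installing only after a restart.
$days = [int]((Get-Date) - (Get-CimInstance Win32_OperatingSystem).LastBootUpTime).TotalDays
$results += [pscustomobject]@{
    Check  = 'Last reboot'
    Status = if ($days -gt 14) { "FIX: $days days ago" } else { "OK: $days days ago" }  # 14 is an assumed threshold
}

$results | Format-Table -AutoSize
```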
I welcome additions, suggestions, & deletions. But please, we all know this is just my opinion, & maybe your dad is more technically astute than mine. Maybe not. I did run my ideas past some really top-tier InfoSec geeks, ones I think are 100x better than me. They all asked that I not mention their names. But thanks go to WG, RD, SL, DH, SM & MS!
And despite my dear wife’s objections, I’m not perfect. So please be nice with your comments.