18 July 2013

Portable Apps

PortableApps

There are multiple portable app repositories and there are many more portable versions of software not included among some of the more popular repositories.  I have mentioned portable apps in previous posts.  The repository I turn to the most is portableapps.com. 

Why portable apps?  Okay, old-timers, remember back in the day when the application was one file, mytool.exe, etc.?  Remember before Microsoft created the Registry for Windows 95?  It was simple, it was a few files, there were no pesky "installers" or incomplete uninstalls.  Everything was contained in its own directory and when you got sick of it you just deleted the thing.  Now don't get me wrong, DLLs and shared components have their place, but I think the Windows world of programmers has gotten a bit carried away.

I like portable apps because they don't dirty up your system, they don't pollute your registry, and they are usually lightweight and faster than the full-blown app.  You might also be surprised at how many of them have all the same feature sets.  Or, for those that drop features, how you didn't really need or use that feature anyway.

But wait, there is more.  What about the college kids who don't have a PC and use school and internet cafe PCs?  Get yourself a nice thumb drive, load up your favorite portable apps, browser, word processor, RSS reader, etc.  All your settings, bookmarks, and favorites are wherever you go.

But wait, act now and we'll throw in this bonus offer.  You won't leave data behind.  Browsing history stays on your thumb drive, not the PC; chat logs, cookies, images, virtually no evidence is left behind that you were there.  Note: check and verify the behavior of the app.  Not all apps are created equal, some may leave various artifacts on the system, and this is not a get out of jail free card.  For example, Windows will still keep a log that a USB device was connected to the system.  A good forensic analyst can still track you.
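One place the USB connection record mentioned above can be checked is C:\Windows\INF\setupapi.dev.log, where Windows Vista and later log driver installs. The following is an added example, not part of the original post: it parses that log for USB storage installs, and the sample log lines and function names are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the setupapi.dev.log layout (not taken from a real system).
SAMPLE_LOG = r"""
>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_Generic&Prod_Flash_Disk&Rev_8.07\0123456789ABCDEF&0]
>>>  Section start 2013/07/18 09:14:22.531
     dvi: Class GUID of device remains: {4d36e967-e325-11ce-bfc1-08002be10318}.
<<<  Section end 2013/07/18 09:14:23.901
<<<  [Exit status: SUCCESS]

>>>  [Device Install (Hardware initiated) - USB\VID_046D&PID_C52B\5&2a1b3c4d&0&2]
>>>  Section start 2013/07/18 09:20:01.004
<<<  Section end 2013/07/18 09:20:01.950
<<<  [Exit status: SUCCESS]

>>>  [Device Install (Hardware initiated) - USBSTOR\Disk&Ven_Example&Prod_Portable_Drive&Rev_1.00\AA00BB11CC22&0]
>>>  Section start 2013/07/19 16:02:45.118
<<<  Section end 2013/07/19 16:02:46.300
<<<  [Exit status: SUCCESS]
"""

HEADER = re.compile(r"^>>>\s+\[Device Install \([^)]*\) - (USBSTOR\\[^\]]+)\]")
START = re.compile(r"^>>>\s+Section start (\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}\.\d{3})")


def parse_instance_id(instance_id):
    """Split USBSTOR\\Disk&Ven_X&Prod_Y&Rev_Z\\SERIAL&0 into its fields."""
    parts = instance_id.split("\\")
    if len(parts) != 3:
        return None
    fields = {}
    for piece in parts[1].split("&"):
        key, sep, value = piece.partition("_")
        if sep and key in ("Ven", "Prod", "Rev"):
            fields[key.lower()] = value
    serial = parts[2].rsplit("&", 1)[0]  # drop the trailing instance suffix
    return {
        "vendor": fields.get("ven", ""),
        "product": fields.get("prod", ""),
        "revision": fields.get("rev", ""),
        "serial": serial,
        # An '&' as the second character means Windows generated the ID
        # because the device reported no serial number of its own.
        "unique_serial": len(serial) < 2 or serial[1] != "&",
    }


def usb_storage_installs(log_text):
    """Return one record per USB storage driver install found in the log."""
    events, pending = [], None
    for line in log_text.splitlines():
        if not line.startswith(">>>"):
            continue
        header, start = HEADER.match(line), START.match(line)
        if header:
            pending = parse_instance_id(header.group(1))
        elif start and pending:
            # Timestamps in this log are in the machine's local time.
            pending["first_install"] = datetime.strptime(
                start.group(1), "%Y/%m/%d %H:%M:%S.%f")
            events.append(pending)
            pending = None
        elif not start:
            pending = None  # a section for some other device class
    return events


if __name__ == "__main__":
    for event in usb_storage_installs(SAMPLE_LOG):
        print(event["first_install"], event["vendor"], event["product"], event["serial"])
```

The install record is written the first time a given device is plugged into that machine, so it survives regardless of what the portable app itself cleans up.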

Portable apps, give them a go.

PortableApps

16 July 2013

Foxit Reader / PDF-XChange Viewer

Foxit Reader
PDF-XChange Viewer

We have mentioned PDFs in the last two posts.  While a small utility to create PDF documents is great, how do you interact with the PDF files you have created, or other PDFs that you download from third parties?

I mention two tools here, Foxit and PDF-XChange.  I have personally just started to use these tools as an alternative to Adobe PDF Reader.  I mention these two tools specifically because they both have portable installers.

Both applications have more options and features beyond simply reading or viewing PDFs.  Both can do text searching, PDF-XChange allows for limited editing, and Foxit allows for adding a digital signature (rubber stamp).

Both applications have had their share of vulnerabilities, often attributed to weaknesses in the PDF format itself.  While security through obscurity is not a recommended action, it does sometimes have a place, and each of these two tools has the advantage of not being as big a target as Adobe to the malware creators.

Give one or both of these two a spin and see if you don't like them better than your current PDF reader.

PDF-XChange Viewer
Foxit Reader

15 July 2013

CutePDF Writer

CutePDF Writer

CutePDF Writer is a very nice lightweight app for creating PDF documents.  CutePDF Writer is less an application that you interact with and more like a shim that is installed between your PC and printer.

Once CutePDF Writer is installed it displays as a printer destination.  Simply print the document or file you want to convert.  Select CutePDF Writer as your printer.  Select where to save the output file.  You now have your document saved in PDF format.

CutePDF Writer

14 July 2013

Libre Office

Libre Office

Libre Office, think MS Office but free.

It does all the same stuff, I can open most if not all documents created with MS Office.

If you really need more portability between devices and programs, just convert your final doc into a .pdf.
This is actually preferable anyway, as the end user's ability to make further changes to the doc is very limited if not completely removed.


Libre Office

13 July 2013

Greenshot

Greenshot

Greenshot is an awesome little tool if you do lots of screen shots.  Especially handy for creating detailed instructions and how to guides.

Greenshot will drop an icon in the task bar for easy activation, or you can use a number of keyboard shortcuts to activate the app.

Once a region of the screen has been marked and captured, you can re-capture the same region at a later time.  This feature is exceptionally handy when doing screen shots of an install process where the same window is updating through various steps and options.

Once a region is captured you can send it to a number of outputs, from the system 'clipboard' to your email client, to a word processor, to an image manipulator, etc.

There are other similar tools but of those I have used I prefer Greenshot.

Greenshot

11 July 2013

GIMP

GIMP

GIMP, the GNU Image Manipulation Program.  Think free Photoshop.  MS Paint is okay if all you want to do is shrink the resolution of a photo or make some quick screen shots.  However, when you really want to play with pictures GIMP is the tool of choice.  It rivals the features and functions of multi-hundred dollar applications.

"bring out the gimp"

GIMP

Pidgin

Pidgin

So we got some security patch monitoring, we have anti-malware installed, we have test driven some alternate browsers and a few privacy extensions.

Now you want to start replacing the daily use tools for something free, and more robust.

Enter Pidgin, the universal chat client.
Pidgin supports virtually all the protocols: AIM, Bonjour, Facebook, GoogleTalk, IRC, MSN, XMPP, Yahoo, SILC and more.  If you need to send a message Pidgin can probably do it.  Pidgin is also available for Windows, Linux, Mac.  One of the major benefits of Pidgin is its native support for SILC.  What is SILC, you say?  Think encrypted IRC.  Pidgin also has numerous add-ons such as OTR, off the record, to reduce the logs that are retained from conversations.  It is the best of both worlds, providing flexibility and optional privacy/security.

Pidgin also has a good language support and spell check capability.

My only real complaint with Pidgin is that on the Windows client the user data is directly tied to the logged on account of the windows host.  This is not the case on the *nix clients.  So if you want to use an alias on Windows you have to also have an alias Windows account from which to run the app.

Keep in mind also that if you want to be secret squirrel and keep your communications private you can only control what is on your local client.  Familiarize yourself with the practices and policies of the server and/or service to which you are connecting.  If you use server werecordeverything.com, just because you clear the logs on your client does not mean that there is not a copy being saved on the server.

But if you don't want to install multiple service specific clients or if you want a common look and feel across multiple systems, give Pidgin a try.

Pidgin

10 July 2013

Tor / Tor Browser

Tor
Tor Browser

Tor really deserves a much deeper discussion all on its own.  While this will be a brief mention of the tool, maybe I can revisit it later.

TOR, The Onion Router, is a software package that when configured properly tunnels your network traffic through an encrypted service to maintain a level of privacy and anonymity.  With that said it is important to note that many security researchers argue that Tor is broken.  If you control an exit node you can eventually identify a user to a given set of traffic.  It is the nature of the beast and simply requires that you learn and use trusted exit nodes.  In the meantime, it is good enough for what most folks are looking for.

While Tor can require some configuration on the user's part it is relatively easy to use and set up.

Part of why I mention Tor now is because we have been talking about browsers.  The folks over at the Tor Project have wonderfully bundled a Firefox browser along with Tor in an even easier to use package.  Download it, uncompress it, double-click it, and you are set for any traffic initiated with that browser.  This is truly the easiest way to get your feet wet with Tor and expand into a whole new knowledge set of privacy, encryption, proxies, and tunnels.

One word of note: some sites will actively block communications from Tor nodes, so you may run into issues connecting to some services like Gmail.  Also be aware that any extensions or add-ons that you install to your Tor-ified browser may weaken the level of privacy and anonymity provided by Tor.  For example, your browser is secure, and Tor is secure, but you installed Flash to play that puzzle game, and Flash has collected and shared bits of data with some other service.  Or while the browser has deleted its cache, the Flash install still has all of its cached data, which could be used to reveal which sites you visited.

Tor, like so many other applications, is just a tool, a layer in your overall security posture.  It by itself will not guarantee 100% privacy.

Grab Tor Browser and start experiencing a new way to visit the web.

Tor Browser
Tor

08 July 2013

Mozilla Collusion

Mozilla Collusion

Let us shift gears slightly and discuss where you are at, where you are going, where you think you are...

Collusion is a wonderful little add-on for your browser, available for Firefox and Chrome.  It gives you a visual display of what sites interact with each other.  So you go to mail.yahoo.com and you think you are only sharing data with Yahoo.  Think again.

While Collusion in Firefox will only show you where you are going, Collusion in Chrome will also block access to known tracking sites.

See the Ted Talk describing Collusion.

Use Collusion to get a better idea of where your information is going.  Learn to control your data and opt-out of the tracking services that you can legitimately opt-out of.  Learn to prevent the tracking and data sharing that you cannot opt-out of.

Another fine tracking blocker is Ghostery.
Ghostery currently blocks over 1550 elements, with new elements being added frequently.

Mozilla Collusion

07 July 2013

NetCraft Anti-Phishing Extension

NetCraft Anti-Phishing Extension

Used to be called a Toolbar.  Used to be for IE and Firefox.

Netcraft has licensed the functionality of the Anti-Phishing Extension to Microsoft and Opera.  IE and Opera browsers now have this protective software built in to their code and do not present the user with a separate toolbar on the browser window.

The extension is now available for Firefox and Chrome.

Why should you care?
A.) The extension, in Firefox and Chrome, gives you an optional toolbar which gives the user additional information about the website they are visiting: host country and ISP, site uptime, and rank.  While potentially uninteresting to some folks, with a little knowledge it can help spot bad sites.  Why would your local pub host their website in China?  Why would Microsoft's website have a date of yesterday?  Either might point to the fact that the site has been spoofed and you are not really talking to who you think you are talking to.

B.) The extension will give alerts when access to a known malicious site is attempted.  The user will be presented with a warning and will have the option to proceed.

This is the only "toolbar" that I have ever recommended to anyone to run.  Normally toolbars are a waste of time and resources to the user.  Most ultimately prove to be more of a risk to the user than of any real value.

If you are running Firefox or Chrome download the extension and give it a go.
Google Chrome does also include its own anti-malware functionality based on Google's website intelligence. Firefox also claims to include its own anti-malware features.  Let me remind the good reader of defense in depth, don't rely solely on a single protection mechanism.

NetCraft Anti-Phishing Extension

06 July 2013

Other Browsers

Yeah, I'm harping on the browser.  They are one of the primary gateways into your system for malware.  They should be comfortable and familiar to the user.  The better you know your browser of choice the better your online experience will be.  And hopefully more secure.

There are 4 main browser engines.
Trident - IE
Blink - Chrome
Gecko - Firefox
WebKit - Safari

Many of these I have not personally tried.  Just letting you know they are out there.

Opera - Based on the Presto engine, decent selection of extensions
Safari -

Multi-engine browsers: rather than worry about website compatibility, try out a few of these.
Maxthon - Trident and Webkit
Lunascape - Trident, Gecko, Webkit
Avant - Trident, Gecko, Webkit
Sleipnir - Trident and Webkit, can use chrome extensions

Other browsers
ThreeTeeth - Trident based
Green - Trident based
Pale Moon - Gecko based
K-Meleon - Gecko based




05 July 2013

Google Chrome / Chromium

Google Chrome / Chromium Portable

Chrome has made a strong showing.  While initially fast it can also become a resource hog.  Partially driven by the popularity of Android and the synchronization options in Google services.  Some reports have Chrome at a 45% market share of all browsers.

Chrome also shares the same two main values as Firefox over IE, flexibility and a large selection of extensions.

Flexibility
Chrome is a casual browser that I use and I have not yet personally looked at any of the 'about:' menu options.

Extensions
For me Chrome does not have comparable versions of all the extensions that I like and use in Firefox.  This is one of the reasons Firefox continues to be my primary browser, as mentioned in the previous post.  However, Chrome does have a version or comparable version of extensions for all your primary security and privacy extensions.
ScriptNo
AdBlock
Netcraft AntiPhishing
Ghostery
Collusion


If you do not like the heavy hand of big brother Google, you can alternately run Chromium, or like I do, Chromium Portable.
Chromium is the original open-source project on which Google Chrome is based.  It has all the same base browser functionality but does not have all the integrated Google services.
If you are familiar with "portable apps" there is also a custom Chromium Portable available for use.  I personally prefer the portable apps when I can find them.  The concept behind portable apps is that they are "self-contained": they do not use the typical Windows installer and do not write to the registry.  This allows the application to be stored on a USB drive and easily used on more than one system.  For example, if you travel and want to carry your favorite apps without losing your preferred settings etc.  Or simply if you do not want to clutter your Windows OS with a ton of installation data.  I highly recommend giving Chromium Portable a spin around the block.


Alternately, if you are looking for that Chrome feel with pre-built security in mind, check out the custom version from Comodo, Comodo Dragon.


Google Chrome / Chromium Portable

04 July 2013

Mozilla Firefox

Mozilla Firefox

While Firefox has lost a lot of its luster for me it is still my primary browser.  I have been using Firefox since the early 0.x days when it was still called Phoenix.  The original lore and draw was that it was based on open standards, was lightweight, and very fast.  Since then, and partially due to the general change in web technologies and their implementation, Firefox has joined the ranks of bloated, slow, hoggish browsers.  I've been looking for something better but today it seems to be an issue of which is the least bad rather than which is the best.

Firefox has two exceptional values, flexibility and a vast selection of extensions.

Flexibility
While I have not personally delved too far into the flexibility arena, I do occasionally utilize customizations via the 'about:' menus.  Mozilla 'about:' is an entire set of subjects unto itself and will not be covered here.  Just know that it exists and query it in your favorite search engine.  You might find some options you like.

Extensions
Much like the do not track lists available in IE, there are many privacy extensions for Firefox from cookie management to script restriction, to do not track, to data obfuscation.
Some of my favorites include
NoScript
AdBlock
Netcraft AntiPhishing
Ghostery
Collusion


Alternately, if you are looking for that Firefox feel with pre-built security in mind, check out the custom version from Comodo, Comodo IceDragon.


Mozilla Firefox

IE

Okay this one is a break from the focused objective.
Ideally I will only discuss tools that are free and replace the usually inferior native tools in Windows.  Sure, sure, I already mentioned Microsoft Security Essentials, but that is not technically native, it is a separate download.

But it is time to talk about Browsers, and honestly I have to include IE in the discussion.  Despite its reputation IE has come a long way and the last couple of versions have actually been climbing the secure browser rankings.  The biggest single flaw in IE is still ActiveX.

While IE is not my personal browser of choice there are some services that just run better on it.  This is and will hopefully continue to change with the broader adoption of HTML5.

As the OS gets more secure and as more OSes gain larger market share and as more services turn to web based models more attacks are targeting the browsers.  The average user probably does more on their device from a browser than any other application.  Thus browser security is paramount.

While IE is lacking in the add-on department there are some options to consider.

Tracking Protection - Currently there are 11 options from 7 different companies.  Review which one fits your needs best and start regaining some of your privacy.

InPrivate Browsing - This effectively disables local logging of internet activity.  Keep in mind any other logs by your ISP, the remote web server, search engine, etc. are still collected and stored remotely.  If you want to flush your cache after a session start by using InPrivate Browsing.

ActiveX Filtering - Enable this one.  Read up on some of the additional options for ActiveX under Internet Options.  The extra prompts may save you from some malware.

Smart Screen Filter - This one is manual and has to be initiated by the user (you) for each page you want to check.   Play around with it.  Run it on sites you have not visited before.

Here is another blog with a round up of security settings for the big 3 browsers.

Remember a browser is just another tool.  It is how you use it that makes it safe or unsafe.
These things are designed to work out of the box, and most people never scratch the surface of their browser options.





03 July 2013

Anti-Malware

Anti-Malware, yeah it sucks, yeah it is easily evaded, yeah it is needed.

Say what you want about anti-malware but it is a component of defense in depth, and it does help the average user.  The question is less about should you run anti-malware and more about which one.

I'm going to highlight 3 applications; however, there are many more out there.

Microsoft Security Essentials
Microsoft actually surprised me with Security Essentials when it was released.  It does not have the most options but at the same time that is not all bad for the average user.  I have been running Security Essentials for about 3 years and it has served me well.   I am also a wee bit paranoid about what I download and use several browser plugins.  Security Essentials is pretty much on or off.

  • It does not appear to use too much for resources.  
  • It also has a setting for max allowed CPU utilization.   
  • It has the usual custom and scheduled scan options.
  • It has the option to right-click and scan an individual file.
  • It ties in nicely with the Windows Security Center / Action Center.



Sourcefire Immunet
Admittedly I have not used Immunet for a substantial and dedicated period of time.  However I do like the company and it is based on the open-source ClamAV.  While Immunet is specific to Windows, ClamAV can run on most any OS.  For those folks that run multiple OSes this might give you more of a common feel across your devices.  Immunet is also fairly simplistic in the options available, though I would say it is a bit more flexible than Security Essentials.  Instead of a single on/off switch, Immunet has an on/off for various sub-components of its features.


AVG
AVG used to be the king of free anti-malware.  While I liked AVG it was a bit noisy and became annoying with all the various pop-ups.  AVG does offer the most flexibility and configuration options.  It is typically favored by the more experienced users.

Just a small sampling of options.  Find one that you like and make it work for you.


02 July 2013

Secunia PSI

Secunia PSI

So the question is do I lead or follow with Secunia PSI?
As this is partially a ramp-up to DefCon ending on a security note would be appropriate.  However security is important and should not be left to wait, so grab this puppy and run it.

Personally I prefer the 2.x interface more than the 3.x interface.  With that said the interface in 3.0 has been tweaked since its initial release, mostly compensating for the aspects I did not like.  The addition of the list view is very welcome.  As was the option to select between auto-update and notification only.

In theory the 2.x version is completely usable and will keep you just as updated as 3.x.  I have not attempted to run 2.x on Windows 8, mileage may vary.

Download and install is the typical double-click process, no surprises there.  Last I ran the installer the application was still pleasantly unbundled and did not contain any extra garbage, tool-bars, etc.

So why should you care and run Secunia PSI?
You are running Windows right? Enough said.  No seriously while Microsoft is making strides towards better security it is still a huge target.  As are many of the big name applications that run on Windows.

Secunia PSI will not secure or protect the OS or the applications themselves.  It will however alert you to the presence of a known vulnerable version of software and provide a link to the patch if one is available.  There is an option to allow Secunia PSI to automatically download and install patches.  Point being there is a distinction between having an up-to-date version of software and securely configuring said software.  Secunia PSI does not examine the specific configuration of the software, only that it is up-to-date.  For most of you average Windows users this is huge and Secunia PSI is incredibly valuable.  Even for seasoned users the task of ensuring your patch process each month is greatly simplified.

Secunia PSI will make you aware of exactly how much stuff is on your PC, and what must be updated.  Listen to it well.  Use it to eradicate the unnecessary bloatware shipped with your new PC.  Use it to keep the high target apps up-to-date in near real time, Java and Adobe Flash to name a few.

Every Windows user should take advantage of this wonderful and free app.

Secunia PSI

30 Days of Tools

So the gratitude diary was a fail.
Positive Comments May was a fail.  Or success as I really didn't say anything, depending on which side of the fence you are on.
A tune a day in June went well.
(All posted via other services.)

For July, to get back into more of a tech vibe and to force myself to blog more often I will be commenting on a tool a day.

Enjoy.