[Hidden-tech] Windows security (sic)

[Jonathan Dill]

Hello folks,

I do "emergency calls" on computers and wanted to make a few comments
and suggestions about how not to have your computer trashed if you have
Windows.  The bottom line is it is probably a lot cheaper--though it
does cost some money--to do a few things up front rather than try to
clean up the mess if you have not made any preparation.

I have been doing a lot of these calls lately where people "had the
anti-virus software that came with the computer..." which expired in
2001 or something like that.  And then his or her teenager stopped by
the office and used the computer "to do homework" ahem, or some similar
instigating incident.  And then the next time the computer restarted,
this funny window came up, and someone clicked "OK" and then the system
wouldn't come up after that.  OK so maybe a lot of IT people would say
this is stupid / irresponsible / whatever, but in practice, I'm finding
that it is extremely common.  My new joke is that I am changing my
slogan to, "NO Windows for you! Linux, Linux, Linux!!!"

Often, all of the critical system files are deleted or at least trashed,
and if there is no backup, all there is left to do is try to copy off as
much data as I can, re-install Windows, and copy the data back to the
computer.  By the time I have run Windows Update for the Nth time and
rebooted for the Nth time, tried to make it reasonably secure, and
copied all of the files back, it takes at least 4 hours.

If you don't have the original CDs that came with your computer, either
you will be buying new Windows, or ordering the "System Restore" CDs
from the manufacturer and waiting a few days for them to show up--I have
found that some OEM licenses for Windows do not work with just a
standard Windows CD, the Registration Key from the sticker on the side
of the computer may not even be recognized as valid because it is not a
"WPA" license.

If you have Windows, please check to make sure your antivirus software
has a valid license and that the definitions are updating regularly,
preferably automatically.  If you're not sure, get a geek to help you,
or if it's been a year since you last bought antivirus software or an
upgrade, go out and buy the latest Norton Antivirus for Windows.

If you have a Windows PC that is critical to your business, your friends
and family should not be logging on to that computer to do anything, it
should be just for business as much as possible.  Get a second cheap PC
for example from Walmart and let the kids use that.  Hey, I know it's
money, but it may cost less to just buy a cheap PC up front than what
you will pay to try to recover your business files if your computer gets
trashed.

Get an external USB2 disk drive for backups.  If your computer is more
than a year or two old, you may also need to buy a USB2 card for your
computer.  Maxtor and Seagate are a couple good brands for disk drives.
The disk should be at least twice the size of the total space of the
hard drive(s) inside your computer.  Ideally, you should have Windows XP
Professional, and the backup tool that comes with that works fairly
well.  Norton Ghost 9 is another good tool.  Some external hard drives
may also come with backup software.

CDs and DVDs may sound like a good idea for backups, but in practice I
find a lot of people just end up not bothering because it's "too
inconvenient."  It's much easier to just set up the external backup
drive, make it automatic, and just back up the whole entire thing
instead of trying to pick and choose.  That way, you can also have a
complete "disaster recovery" solution where you don't have to re-install
Windows and all of your applications again which is a whole lot more
time-consuming than you might think.

Lastly, if you have a broadband internet connection, it is essential
that you have a *hardware* firewall / router and that it is configured
correctly.  Software firewall might be OK as a 2nd line of defense, but
I do not trust it 100%.  If you get one with wireless built-in, make
sure to have an IT geek configure it for you and set up some type of
encryption--I really don't think wireless is a bad idea if it's done
right.  If you have a small business with several people and a little
budget for a firewall, Sonicwall TZ170 may be a good choice--it has some
excellent options that you can subscribe to block spyware and viruses
and "intrusion prevention" and such as a second line of defense.  For a
home office or a couple people, Linksys is a good brand.

Jonathan