Security Fix Live

Brian Krebs
Security Fix Blogger
Friday, April 24, 2009; 11:00 AM

Security Fix blogger Brian Krebs was online Friday, April 24, at 11 a.m. ET to answer your personal technology questions and offer ways to protect yourself from online security threats.

____________________

Brian Krebs: Good morning, Dear Security Fix Readers, and welcome to Security Fix Live. I've got a bunch of questions piled up already, but many of them don't contain enough information for me to answer them with any hope of accuracy. Please, please, please, when you ask a question...if the question is hardware related, give me some idea of what make/model hardware you are using beyond just the brand (e.g., "a Dell router" doesn't help me much). Likewise, if you're having a software issue, give me some idea of your setup, such as installed security software, browser o'choice, etc. With that....ONWARDS!

_______________________

Herndon, VA: I got an email from a company that is looking for people to help with "Riddle Buying." I would love to take the job, but I don't know what my patronymic is. What should I do?

Brian Krebs: Oh jeez. Please read this carefully. You want to think long and hard before accepting a job offered to you via email. These offers are almost always scams, designed to enlist you in some scheme that will either leave you worse off than when you started, or will land you in trouble with The Law, or both.

To answer your question, your "patronymic" is your family name, or to be more precise, the name passed on to you by your father. However, hardly anyone in this country uses that term. More often, it is used in Eastern European countries, where the patronymic has more societal and familial uses. For example, for someone in Russia named Ivan Igorevich, the second part may be the patronymic, and in this case means "son of Igor."

Anyway, long story short, ignore the e-mail and find yourself a real job. Most of these employment come-ons via e-mail are bad news. Please trust me on this.

_______________________

Pittsburgh, PA: Any suggestions for Mac users?

Thanks

Brian Krebs: I'm just going to answer some of these vague questions that I alluded to in my introduction just so people can get a sense of what I'm talking about. Plus, the folks asking these questions may actually get a chance to resubmit them with more details.

Suggestions in what respect?

_______________________

Milwaukee: I have an older Dell router (2002) and I tried to initialize the encryption when I bought it but it did not seem to take. Do you have any suggestions on how to get it up and running on my Dell computer?

Brian Krebs: What kind of Dell router? Is there a model number of any kind on the thing?

_______________________

Honolulu, Hawaii: Hi Brian,

I currently have Norton Internet Security 2008. Because of the good reviews, I plan to get NIS 2009 when my 2008 expires. Any tips regarding installing this new upgrade? I have read that there were problems installing Norton products. Thanks.

Brian Krebs: My only tip would be to make sure to keep a copy of your license keys for both programs in a secure place that won't get erased. Then when you want to upgrade, consider fully removing Norton 2008 before installing 2009.

When you go to remove Norton, do so through the add/remove programs feature in Windows. Symantec has a special removal tool that you can use after that to get rid of any components that may be left behind.

_______________________

Washington, DC: I have a difficult time understanding people whose only job is to monitor other people's emails. What is the OPM job description for those folks?

Brian Krebs: I have a difficult time imagining a company where someone's job is just to monitor emails. Most tech/security people at large organizations can and sometimes do monitor emails, but usually only at a request from a superior.

Some companies have automated tools that do this, and can even inform management of inappropriate use of e-mail by an employee, or when an employee sends out an email that contains proprietary or sensitive company information.

You more than likely signed a piece of paper as a condition of your employment not to do either of those things. Regardless, you should expect zero privacy in using regular e-mail anyway. That just goes double for e-mail at work.

_______________________

Alexandria, VA: I have more of a general question. What IT security issue has been "keeping you up at night"? Not necessarily one that impacts you directly, but that you worry about as an emerging trend that will impact lots of people or machines.

Brian Krebs: A few things. One is people using peer to peer (p2p) music and file-sharing software without having a clue what they're doing. The amount of sensitive personal data out there that people leak from their PCs through the use of misconfigured P2P software is mind-blowing.

People who let their entire family use the same PC -- with admin rights for everyone -- and then sit down and do their taxes, online banking and/or investments on the same PC. I see that all the time, and it's terrifying.

The fact that some jerk can climb down into a tunnel and saw through a few wires and all of a sudden an entire city is without Internet, 911 service, telephone, etc. That's downright terrifying, potentially deadly, and there is little practical way to protect against such attacks, save for building in massive redundancy.

_______________________

Cottage Grove, OR: Hi Brian. Why do people use proxies with Firefox? What are the ups and downs? Is there a preferred proxy for Firefox?

Brian Krebs: Proxies are useful for a couple of reasons. Sometimes you may want to use them for anonymity. TOR is a system that essentially lets you browse the Web using a series of encrypted proxies, as a way-oversimplified example.

People sometimes use proxies also to get around Web filtering of various kinds. For example, it's not unusual for security researchers to come across cyber criminal forums that only allow access if you appear to be coming from a Russian or E. European Internet address. Proxies can come in handy for that too.

Those are just a couple of examples. The downside of using proxies is that you're necessarily routing your Web traffic through a third party system. If that system (the system at the IP address of the proxy) wants to monitor and record all of that traffic, it can do so.

_______________________

Washington, D.C.: Speaking of Eastern Europeans, what's the deal with "czar" positions in the United States government, e.g., Copyright Czar, Technology Czar? It doesn't really send the right message about these positions, or does it?

Brian Krebs: You're right. It's not terribly appropriate or accurate. After all, these people don't have czar-like powers. Although, perhaps that's why the term persists? We tend to use them to describe positions that are in charge of difficult-to-solve problems, like drugs, cyber crime, that sort of thing. Perhaps deep down, we wish they did have extra-legal powers? Just a thought.

_______________________

Too Embarrassed to Give Location: Okay, so my husband and I have an old computer running Windows 98SE. He bought a Coby MP3 player specifically because the package said it would work with Win 98SE. However, the instructions said that we would need to download a USB driver from the company's website. BUT, there is no such driver on the website. I have emailed their tech support but have received no reply. My question to you is: There are websites out there offering all kinds of drivers - free, but you have to register. I am worried that these exist to trick the guileless into revealing information or to infect your computer, etc. Do you know of any reputable sites for drivers? Thanks!

Brian Krebs: Haha. I love the location. Priceless.

Don't be embarrassed. I had to grapple with the same thing a while back while trying to fix my Dad's old Windows 98 machine. I wanted to plug a removable drive into the USB port, which apparently he had never had occasion to use before. I believe I ended up downloading the USB driver from Dell's support site.

I just looked at Coby's support pages and you're right, that's just ridiculous. I couldn't find any drivers available at the software drivers portion of the site, just images of the products available. You should seriously consider calling/e-mailing Coby, especially if they market it as W98 compatible.

What does the system say when you plug in the device? Does it give you any messages? If not, try opening Device Manager in the Windows Control panel (device manager is under the "System" option in the control panel). When you've got that up, see if there is a device with a yellow exclamation mark on it. If so, right click on that and choose "update driver." Let it access the internet if it asks for access. If that doesn't work, try visiting Windows Update, letting it scan for available updates, and then check for optional hardware updates.

_______________________

Denver CO: Because of the recent vulnerabilities discovered in Adobe Reader a lot of tech folks are moving their staff to alternative PDF readers. Do you think using Adobe Reader and/or Adobe Acrobat is no longer a good idea?

Brian Krebs: I think diversity is a good thing, especially in computer software and operating systems. Given equal or better alternatives, using a software package that is not the clear market leader is often a smart move from a security perspective.

For some time now, I have recommended the free Foxit Reader over Adobe's PDF reader, which I find bloated and slow. The potential security benefits are an added bonus.

_______________________

Clifton, VA: Mr Krebs,

Beat you to it; my request to be czar of beautiful women in the US was there first.

You snooze, you lose. I am interviewing for assistants at my hotel in South Beach starting Monday!

Brian Krebs: I have no idea what that means, but it sounds like there would be a lot of competition for that position. And I doubt they would need to call it a "czar" post for people to be interested.

Why do all the crazies come from Clifton? (full disclosure: I spent some time there myself!)

_______________________

Chicago, Ill.: I am unemployed and looking ...I have from Internet AVG, CCleaner, Ad-Aware and Malwarebytes plus all the updates I get from Microsoft. Is this enough? I do get trojans occasionally and am at 20, for speed with RCN. The old XP seems slower and slower although I am a good maintenance person. Websites like CHGO. Tribune. NYTime, etc. are now loading at 30-45 seconds vs 10-20 a year ago on my COMPAQ. Am I alright or is it just too many folks on the same line or in need of professional protection. I find and things just take longer and I wipe trojans about 5 per week that attempt to attack. Thanks

Brian Krebs: I wish you luck, in both your affairs of the wallet and the rest.

Your protection scheme there sounds like a retinue of software from the 80s. Seriously, your system sounds like it's well overdue for a re-install.

The problem with Windows XP was that Microsoft shipped it to the world in a very insecure state. By default, Windows XP is set up to be run under the all-powerful administrator account, all the time. This is the exact opposite of the way things should be for any sane and secure operating system, because even smart, techie types make mistakes that can't easily be undone while using the admin account. Now, consider the damage that malware can do once it gets on your system, and it gets there while you're browsing the Web with your admin account. That's why so many Windows users are in such a bad way.

I have advocated a radical approach as an alternative to fretting about anti-spyware and anti-this and that: use an account with lesser user rights for everyday use, and only use the admin account when you need to make important changes to the system or install/uninstall software.

My advice: make sure you have all your important documents saved on a removable drive or DVD or whatever, including any software license keys you have. Then reinstall the OS, download a copy of XP Service Pack 3, the remaining security updates, and then follow the instructions here for creating a limited user account.

After that, use the admin account only on a sparing basis. Grab some free antivirus program like Antivir or AVAST, install Firefox and the no-script add-on for added measure, and get on with life.

_______________________

Arlington, VA: Hi Brian,

With all of the security risks out there and so many people not knowing enough to apply patches and pay for a decent security suite, what's your opinion about personal liability for "letting" a system become a zombie bot or used as a launching point due to simple neglect? Beyond putting their own personal data at risk, they are potentially providing resources (computing power) to the bad guys and allowing things to spread.

Should preventative measures be required like inoculations for the safety of the masses? Or do we consider it to be Darwinism at its best?

Brian Krebs: This is a non-starter for one main reason: It's not scalable, and you'd be blaming the user, who is in most cases a victim of the fact that they were shipped a defective product to begin with.

The real answer lies at the ISP level. Right now, we have a law that requires ISPs to alert customers and require the removal of certain content that may infringe on the entertainment industry's copyrights. We have no such law when it comes to malware, phishing scams, spam, bots, etc., being spewed from home user/corporate systems. But maybe we should.

Then again, who's got the money that the entertainment industry has to lobby Congress on behalf of the rest of the world?

_______________________

Toronto, Canada: Does AVG Free provide adequate protection for an average home user or do you recommend a commercial product like Norton. I have used Norton in the past but it seemed to badly slow down my computer (a 7 year old Dell Inspiron 8100).

Brian Krebs: AVG Free lost its direction somewhere along the way. It used to be fairly decent free AV, but I wouldn't recommend it to anyone anymore. Mainly, because even on the fastest of systems, it's still pretty clunky and annoying. There are much better free alternatives: Avira and AVAST are great. NAV2009 is excellent, but not free. Huge departure from older versions of NAV in terms of speed and system resource consumption.

_______________________

Greenfield, Ind.: Brian, I have a tower computer hooked up to DSL. I just bought a laptop. How can I set up the DSL so I can use the laptop in all rooms? Thanks. Ray

Brian Krebs: Go to your local electronics store or Amazon and buy a wireless router ($50). A good, solid workhorse is a newer model Linksys WRT-54(g/etc). Hook the connection from the DSL into the router, and configure the router with a strong user name and password combo (DON'T keep the default -- everyone knows what those are). Then set up your router to use WPA or WPA2 encryption. Videos and how-tos are here.

_______________________

Alexandria, VA: There was a Post article about how the value of a credit card number to a criminal is almost nothing because so many of them are floating in cyberspace. Should I just assume my number is already out there? Can I do anything more than monitor my statements?

Brian Krebs: I think you're referring to this article:

Glut of Stolen Banking Data Trims Profits for Cyber Thieves

Anyway, most banks allow you to monitor your banking activity and transactions online. Some even now let you sign up to receive text message alerts on your cell phone each time you make a transaction.

_______________________

Alexandria, VA: A couple of years ago I bought Windows Live One Care software in a box; it was on sale ($20, I think) and I figured I'd use it when my current security subscription expired. I never got around to it and now I think I read that this product is going out of business. Should I just throw it out and write this off to experience? I don't think I have a receipt and as I said it's been a couple of years.

Brian Krebs: You might consider calling Microsoft to see about a refund. While Microsoft is phasing out OneCare this summer, they will tell you they're just transitioning to a new offering. Perhaps you can convince them to let you trade it in for their new offering (which I haven't reviewed)? If you've never used the license key, they should be able to tell that you've never registered the software.

_______________________

Manassas, VA: Do the latest updates for Ad-aware or AVG anti-virus include a search for the Conficker virus? I can't seem to find an answer on their websites... I've used both, and my computer continues to run normally, but I'm just looking for that added comfort factor of knowing for sure. Thanks! (Dell 810C, Windows XP Home)

Brian Krebs: I would say that any anti-virus product that DOESN'T include detection for the most over-hyped threat ever created should be taken out to the woodshed and flogged.

Seriously, not to downplay your concerns, but there are far worse things to worry about than Conficker. If you can browse to security and anti-virus Web sites, you don't have Conficker.

_______________________

Alexandria, VA: Not a security issue, but you seem to have a broader knowledge base so thought I'd see if you have any ideas about this. Last weekend I had some issues with a home-built desktop machine: the connected APC UPS (a small 500VA model) started smoking. After chucking the UPS out onto the lawn (where it continued to smoke in safety), I tried plugging the machine into another UPS, but it wouldn't post. I swapped out the power supply (a quality Antec model) with a different unit and all was OK.

I've had bad UPS before, and bad power supplies (not on this particular machine, though). I've never seen one cause the other (and in this case, I'm not sure which direction that goes - UPS damaged the power supply, or power supply damaged the UPS).

No data was lost, no other hardware appears damaged, and the house didn't burn down, so in the end this was not a disaster. But the UPS and power supply have replacement costs of $150, so I'm a bit annoyed. Have you encountered problems like this before?

Brian Krebs: No, I haven't. I'm sorry to hear of your plight, and I realize that must be frustrating. I, too, have lost money due to blown power supplies. I had one that I thought was protected by a surge protector, only to have the power supply explode in a giant "POP!" one day when we had a power surge in our area. Turns out, the lame little surge protector I had on there was old, and didn't appear to be rated to the power throughput I had going through that machine.

I have no idea what may have caused the problem, but one thing that people forget about UPS devices is that the batteries need to be swapped out after a while -- they simply lose their ability to hold a charge. It is possible the battery inside the UPS was so old or corroded that it shorted out components inside. Again, I don't have enough detail to be able to answer any better...just a guess.

_______________________

WRT54G ROUTER: Brian,

I had an earlier version and it didn't support WPA, only WEP. I'd recommend a Dlink DIR 615 for about the same price, and 256 bit encryption.

Brian Krebs: Yeah, that's a decent router too. That's why I suggested "newer model". WRT54 is extremely easy to find and very affordable, and the latest models all support WPA/256.

_______________________

Florida Chick: I teach news reporting to undergrads at a large state university. To date we haven't delved into reporting "for" mobile devices, assuming that our bedrock values will apply on any platform. But I am starting to see news tailored for mobile readers that looks like someone just chopped down a "regular" news story with a blunt knife. In your view, aside from straightforward updates like encroaching wildfires or sports results, should news be written in a specific manner when the reader will be squinting it off a small screen? I would like your ideas and refer me to any gurus you know who have addressed this. Thanks.

Brian Krebs: I don't know of any major newsroom that has people re-writing stories to make them tiny enough to fit on the screen of a mobile device. I believe what many news sites are doing is creating or buying content management systems that auto-create shorter versions of stories for display on dedicated mobile pages, which are generally free from ads and other bandwidth-intensive stuff. In many cases, the short versions will be just the first few paragraphs of the story, with a link to read more. In other cases, it will be whatever you would see if you were to load the page in an RSS reader.

_______________________

Seattle, WA: How does junk mail from Eastern Europe or Western China end up in my mailbox? Are e-mail addresses bought and sold?

Curious

Brian Krebs: Yes, e-mail addresses are bought and sold all the time. You thought that "free ipod" offer you got just for giving up your email address at 10 different providers was free??

Seriously, most often, email addresses are harvested by automated bots that crawl the web looking for addresses that people have posted into forums, web sites, etc. Once harvested, yes, they are sold and resold.

_______________________

Rockville, MD: Brian, it appears that Chevy Chase Bank has been replacing their branch ATMs with ones that have some sort of protruding lighted slot guide for your ATM card. In light of news about people attaching card skimmers to ATM machines, this seems like an incredibly stupid choice. Is there a way to tell if an ATM has one of these card skimmers as opposed to something that's part of the ATM's aesthetics?

Brian Krebs: Hrm. Not sure I've seen what you're talking about, but it may be an effort to get there before the bad guys do. E.g., if your ATM has a flat face that you stick your card into, would people think it odd to see a skimmer stuck to the outside of it? Probably not, if they'd never been to that ATM before. Would they think it odd to see an oddly-long protrusion where you stick your card in, made more long by the fact that someone came along and stuck a skimmer on the end of a card-accepting slot that was already extruding from the ATM? Maybe.

One thing I have seen more of lately is ATMs that include a picture of what the ATM itself should look like, allowing people to do a quick check to see if anything looks awry. Of course, that works as long as the thieves who want to affix their skimmers to the ATM don't also plaster over their own picture of what the hacked ATM should look like!

_______________________

Brookfield, Conn.: I followed your guidelines on cleaning up my computer, but it's still slow. I worry that it has hidden files somewhere. What can I do to remove everything I don't want?

Brian Krebs: You can start over, following the directions I gave to Chicago, above.

_______________________

Washington, DC: Please forgive me if this has already been answered in previous webcasts. Is there a "Lemon Law" regarding computers? My well-known name-brand computer has been returned to the factory three times since November for problems ranging from replacing the motherboard to (now) trying to determine why the computer just shuts off without warning and/or goes into hibernate mode when the setting is for sleep mode. While it's still under warranty and these fixes are not costing me any money, I have endured lost files, lost work-in-progress, and countless hours of downtime. At what point should I be able to expect a refund or a total replacement? The company's line is: "It's under warranty, and we'll fix whatever goes wrong." Yet, each visit to the factory fixes one problem only to have another surface. My requests for either a refund or a whole new computer are not honored. What recourse do I have? I don't trust the computer, and I've lost all faith in the company.

Thank you.

Brian Krebs: If it's still under warranty, I would call up the computer maker and insist that they send me a replacement computer.

My only other thought is -- have you added new hardware to the system since you've gotten it? I ask because the behavior you're describing is most often caused by a faulty or too-weak power supply. Typically these pre-built systems come with very low-power power supplies built in that are adequate for handling a hard drive plus an optical drive, but not much more. You might consider swapping out the power supply for one that is more powerful to see if that fixes the problem.

_______________________

Pasadena, CA: Hi Brian: I'm thinking about buying the ASUS EEE PC 1000 Netbook with Xandros Linux OS to avoid viruses, malware and all the nasty stuff. Do I/Should I install/use a Linux anti-virus program like the free Avast Linux anti-virus program? Thank you, Don. I've been reading your articles religiously :-)

Brian Krebs: I wouldn't worry about anti-virus software if you're running Xandros/Linux. Just make sure you follow best practices, such as not running the system all the time as "root". You might invest in a backup program to make an image of the drive (chances are extremely good that capability is built into the OS itself) in case something goes wrong.

_______________________

Waldorf, MD: My daughter brought home her PC from college and it was a mess. It had some type of trojan or worm that disabled Windows update and her Norton AV. What kind of virus can disable Windows update and also Norton AV? I had to download a program called XoftSpySE from Pareto to get rid of the virus. I also had to uninstall Norton AV. I have a Comcast account, so I downloaded McAfee for free and installed it. After downloading a slew of Windows updates all seems to be well. What are your thoughts on Norton AV vs. McAfee? Thanks!

Brian Krebs: It is pretty much standard operating procedure for most malicious software these days to disable security software and the ability to download security updates on the host machine. This is a standard feature built into most malware.

_______________________

Washington, D.C.: Hi Brian - let's say -somebody- does want to use P2P software, despite moral/legal issues: do you have any safety tips? I'm thinking specifically of BitTorrent. Thanks.

Brian Krebs: Sure. Do it on a PC or computer that you don't care about. Don't download executable (.exe) files or screen savers. Stick to movie and mp3 files. Run away from anything upon playing that asks you to download or install a codec or add-on. Don't share media between the P2P download machine and other machines you want to keep clean.

_______________________

Hamilton VA: I have a Dell desktop, not too old, 2005. Have Morton 2008 that scans the computer every time it boots up. It is now taking over 15 minutes to perform this function. Nothing else, that I know of, is running. I do have a Linksys router that it contacts and I get a notice about trying to make the wireless connect. Desktop is wired. Could I safely shut this function off?

Clifton is the only reliably Republican precinct in FFX county. That is its problem in a nutshell.

Brian Krebs: ROFL @ "Morton 2008." I'm picturing a big fat steak. That's essentially what older versions of Norton are. Bloated, fatty, I could go on. The newer, 2009 software is much slimmer, faster.

It's kind of sad that the only comfort you gain from this is believing this may be protecting your system. It might be, but who can live with a 15 minute boot up time? I say ix-nay Morton (uninstall, then use the free removal tool I linked to earlier in this chat -- text search for "removal"), then put in its stead some other, free AV that's far less painful to use, such as Antivir or AVAST.

Good luck. And I really didn't mean to pick on Cliftonites. I will always have a soft spot in my heart for those folks.

_______________________

D.C.: Your first two questions cracked me up...keep them coming!

Brian Krebs: Happy to inform AND entertain!

_______________________

q re apple viruses: This is a really, really basic question. I just bought a mini-mac, in part because our PC has been so prone to viruses and spy-ware, etc. I understand that Macs are less so, but I have also been told that this is only because they are less popular. What is my best bet for virus/spyware protection on my new Mac?

Brian Krebs: I wouldn't worry about grabbing anti-virus software for your Mac. It's not really necessary, IMHO. What is necessary is for you to update the OS with patches when they are available, as well as the other installed components and third party software you may have installed (Firefox, Adobe, etc.).

Speaking of third-party software, the biggest security threat to Macs is through malicious add-ons and pirated software. Don't steal software, or download it from P2P/Bittorrent. Also, be wary of add-ons and plug-ins that various Web sites say you need to install in order to view content. If you really do need a "Flash plugin", then go to Adobe's site and check if you have the latest update installed. Don't trust these updates to third-party sites.

_______________________

Washington, DC: There is a virus on my computer that is preventing me from accessing the internet. Each time I click on a link for a specific website it is rerouted to another site called www. windows click (something like that). I keep getting the message that I need to buy spyware 2009. I don't want to. I feel like I am being hijacked. I need to know the easiest way to fix this problem without having to take it to the "shop."

Brian Krebs: Two tools will help you to fix your short-term problems.

Malwarebytes

SuperAntispyware

If you can't get to those sites through those links, try visiting them by cutting and pasting these IPs into your browser's address bar:

http://64.202.189.170

http://209.62.68.168

Both have free versions that you can download, install, run and should clean up the problem you're seeing.

Longer term, you should definitely consider setting up your system to run under a limited user account. At the very least, running Firefox under a drop my rights approach would be advisable.

_______________________

Richmond, Va.: Thanks for being here to answer our questions about a subject most of us still don't understand. My question: How exactly was a hacker able to get my hotmail password and send an email out under my name requesting money because I lost my wallet in England? Most of my friends weren't fooled by the awkward language, the stupidity of reaching out by email instead of the embassy or by phone, etc. Is it just me, or is this a hard way to get rich? Does this stuff actually work? MSN was able to recapture my account but advise your readers to have more than one email account. I didn't - when I first opened this account in early 2000 (or whenever), I never believed that my use of email would become so comprehensive. Then, I got complacent. Never again. (I hope.)

Brian Krebs: If you have a keylogger or other data-stealing malware on your system, one of the things it will steal is any usernames and passwords you store or enter. In the process of trying to monetize stolen data in any way they can, some thieves actually sell stolen credentials to free webmail accounts. Now you know how those are monetized.

You may have simply used a lame password that some password-guessing program figured out. I don't know.

I've tried to impart to readers the importance of strong passwords and not relying too much on a single Web mail account. It could be worse: whoever jacked your Hotmail account could have held the account itself for ransom, like what happened to this guy:

Your Money or Your E-Mail

_______________________

Arlington, VA: Hello Mr. Krebs, I filed my taxes like most people earlier this month. Which reminds me that I have PDFs of a few years of my tax filings on my hard drive. The files would be easy for a thief to find if somebody stole my laptop and wanted to see what data is on it.

Do you have any suggestions for a simple, easy to use encryption program for a Vista PC? Thanks as always.

Brian Krebs: Hello. It's unlikely an intruder into or malware on your system would go rooting around for PDFs with tax data in them.

But to answer your question....you didn't say what version of Vista you have, but Ultimate and I think one other version of Vista come with BitLocker, a very solid disk and/or file encryption solution.

Truecrypt is a free alternative.

Be sure, however, that you read the documentation thoroughly before you start encrypting your drives and data, and that you understand how to recover if you have a hard drive failure or other unforeseen problem. Also, if you forget your encryption password and encrypt your drive, you may be out of luck.

I'm not in any way trying to discourage encryption. I think it's admirable that you're considering disk/file encryption, but you should not take this step without fully understanding what it involves.

_______________________

NIS 2009: Brian,

The poster should take advantage of the many FREE anti virus programs out there. I'm very happy with Avira since I dumped AVG.

Brian Krebs: More advice for the person asking about Morton. Sorry, Norton.

_______________________

Brian Krebs: Wow. Hard to believe I've been at this now for two hours. We still have a bunch more questions in the hopper, but I'm out of time here, people. Thanks to everyone who stopped by, either to ask a question or just to read the transcript. We'll do another one of these chats in a couple of weeks. Until then, consider making the Security Fix blog a regular stop on your daily browsing route. Be safe out there!

_______________________

Editor's Note: washingtonpost.com moderators retain editorial control over Discussions and choose the most relevant questions for guests and hosts; guests and hosts can decline to answer questions. washingtonpost.com is not responsible for any content posted by third parties.


© 2009 The Washington Post Company
