

Windows Security and Privacy

Kye Hedlund
Dept. of Computer Science
U. of North Carolina at Chapel hill
January 2013



This is a quick checklist of steps you can take to increase the security of your
Windows PC and to provide some privacy while surfing the web.  It is not a
'how to' guide. Implementing these steps will require you to find resources on the
web that explain the details.


1. No Brainers - if you don't do these, there is no point in doing any of the others.

--- Keep your software up to date. Immediately install updates especially for Windows 
but also Adobe, your browser, etc.  Many (most?) updates correct security flaws that
leave your computer vulnerable to attack.
--- Never open email attachments unless you are 100% sure where it came from.
Be advised that hackers can make it look like email is coming from a friend
of yours. You can not always trust that the alleged sender is who they claim to be. 
Be extremely cautious.
--- Backup your information


2. Essential for Security

--- Use Microsoft Security Essentials (or a similar product from Norton, etc.).
It is very easy to use, and can be downloaded for free from Microsoft.
It provides two pieces of software:
   i) Firewall - intercepts and regulates all Internet traffic to/from you computer.
This will keep unwanted visitors from gaining access to your computer.
   ii) Malware scan. Sometimes this is called a 'virus scan.'  Malware is a broader
term that stands for 'malicious software.' This includes viruses, spyware,
adware, keyloggers, trojan horses and other forms of disruptive and intrusive
software.
       --- Real time scan - automatically scans incoming traffic for harmful content. 
This will prevent anything that gets past the firewall from infecting your computer.
       --- Manual scan - Scans your entire disk. This is a comprehensive check to
see if anything has slipped past both the firewall and the real time scan.  This can
happen when the hackers are one step ahead of the malware scanners, as is often
the case. RUN A COMPLETE SCAN AT LEAST ONCE A DAY.  You can schedule scans to run 
automatically.



3. Recommended for Security

--- Use Firefox as your browser. Other browsers may also be safe, but Firefox is one that
I know is relatively safe (as of 1/2013). The following link is a quick introduction
to Firefox security
https://www.mozilla.org/en-US/firefox/security/

--- In Firefox intall the following add-ons:
    1) 'noscript' - Surfing the net can be dangerous when you allow web sites to
run programs (called scripts) in your browser. Most of the time these are harmless
and provide essential, interactive features that you want: slide shows, auto completion,
etc. Google, Facebook, CNN and other premium sites make extensive use of scripts. The 
'noscript' add-on allows you to control the web sites that are allowed to run scripts
in your browser.  You can allow trusted sites and block unknown or suspicious sites.
How do you tell if a site may be dangerous?  See Web of Trust add-on under Even
More Security.
    2) BrowserProtect - prevents malicious software from hijacking your browser.
 
--- Turn off Java in your browser (Control Panel/Java). The current (1/2013) Java 
vulnerabilities apply only to Java running in your browser.

--- Passwords
    --- Use strong passwords
    --- Don't use the same password for more than 1 computer/web site, etc. No one wants
to memorize dozens of random (i.e. strong) passwords.  A common shortcut is to use
a shared stem and add a prefix and/or suffix associated with a particular site or
computer.  For example, stem = 'JUIo99&*^%#', and the login for lumosity.com can be
'lumosityJUIo99&*^%#'.


4. Recommended for Privacy

--- Use private browsing in Firefox - automatically deletes cookies and browser history. See
https://support.mozilla.org/en-US/kb/private-browsing-browse-web-without-saving-info?redirectlocale=en-US&as=u&redirectslug=Private+Browsing&utm_source=inproduct
 
--- In Firefox, install the following add-ons:
    1) 'https everywhere'  This will make all your web traffic
encrypted and hence unreadable to anyone else.  There are a numer of agencies including 
the FBI and the NSA that routinely scan Internet traffic. Even if you have nothing 
to hide, you may want to 'Just say no' to big brother.
    2) 'Google-Yandex search link fix' - prevents Google from tracking your web surfing.


5. Even More Security
--- Install the Web of Trust (WOT) add-on to FF. This provides ratings of how trustworthy
a web site is and automatically alerts you if you try to navigate to an untrusted site.
It does not limit the sites you may visit but simply provides a warning.


6. Ultimate Protection

--- Anonymous surfing (TOR)
--- Encrypt your hard drive (True Crypt)
--- Shred old, unwanted files (File Shredder) 



7. A few links

Firefox security and privacy
https://www.mozilla.org/en-US/firefox/security/

Firefox add-ons
http://ezinearticles.com/?Firefox-Security-Add-Ons&id=7294264

Secure home wifi
http://teachcomputers.hubpages.com/hub/How-To-Secure-Your-Network