It all started when I was trying to export a video from iMovie to iDVD on my Mac. Things were chugging along just fine. The progress bar was progressing. I had turned to another computer to continue working on a project, when suddenly…

ka-thunk… ka-thunk… ka-thunk…

What??? I frantically whipped my head around because that sound was all too familiar to me. I watched in horror (because it is almost Halloween), as my beloved black MacBook displayed the spinning beach ball and then everything froze on the screen.

Rebooting resulted in the “folder with question mark” display on the screen. Those of you with Mac’s know that this is not a Good Thing.

So, I’ve had this MacBook for 4 years and this is the first drive crash it has had. I’ve got another drive that I can put in, so that is not a problem.

But, what about all of that important data that was stored on the computer? Have I lost it?

The short answer is NO. An external drive and the Time Machine software in OS X saved the day. I’m restoring the system as I write this post. All should be well before the end of the day.

So, you are doing backups, right?

Several solutions exist for backups.

I really, really like the highly reliable, but simple to use, Time Machine with Mac OS X. If you use a Mac, you should invest $150 in a large external drive and set up Time Machine.

If you are running WindowsXP, you can use the built-in NTBACKUP.EXE application. On Vista/7, you can use the Backup and Restore application in the Control Panel. You could even use ROBOCOPY.EXE to do things manually.

Third-party applications can be purchased for both Mac OS X and Windows that work well. Often you will find that if you purchase an external USB-connected hard drive, it will come with backup software.

Many people like the online backup services. These only work well if you have broadband Internet regularly available to you. Dial-up users might pass on to the Afterlife while waiting for the initial backup to complete.

I see that my Time Machine restore is about 56% complete with a little over an hour to remaining. Ahhhh… What a good feeling to know that all my important information will be back in just a little while.

Here’s hoping that your backups are as good as mine,

- Dan

Fred Langa with Windows Secrets has written about his experiences with Microsoft Security Essentials (MSE) running on Windows 7.

http://windowssecrets.com/2010/05/06/01-The-120-day-Microsoft-security-suite-test-drive

Important points…

• Use firewall, filters (in browsers & email), and anti-malware.
• Products from Microsoft are finally easy-to-use for normal users.
• MSE can be configured to be very unobtrusive.
• MSE will frustrate advanced users, or those who need more complex customization.

Personally, I’ve had MSE running on a virtual machine that I use every day, and have been pleased. It is lightweight in it’s use of system resources.

It seems that for most home users who are running Windows 7, there is no need to purchase a security suite.

- Dan

For most folks, FREE is a word that they makes their ears perk up.

Microsoft Security Essentials is a FREE anti-virus and anti-spyware offering from Microsoft. They bill it as a light-weight product that has a smaller footprint than commercial products. It is intended for the home user. It can be found at www.microsoft.com/security_essentials/

Obviously, it runs on the Windows platform. You’ve no doubt noticed the Mac bias from other posts. My interest comes from supporting the XP Pro notebook my wife uses and the Vista Home Premium notebook that one of my son’s uses. Other extended family members also use Windows.

The installation was amazingly simple. But, before the install, you should uninstall any other AV products you may be running. Go to the Security Essentials site and download the installer. Double-click on the downloaded installer program and follow the prompts. When the install is done, Security Essentials does an update of the signatures, and then you are encouraged to do a complete system scan. That takes a while.

The scan produces a report of any threats that are detected on your computer.

The Security Essentials console is arranged in a reasonable fashion. There is the Home tab which gives a quick overview of the state of AV protection on your computer. The Update tab allows you to force an update of signatures. The History tab let you see what threats have been found and the action that was taken. Finally, the Settings tab allows for modification of behavior of Security Essentials. The defaults are reasonable.

Following installation, I noticed that there are two new processes using memory. On my test XP Pro test machine, msseces.exe uses 11,820K and MsMpEng.exe uses 70,052K.

Very few CPU cycles are used when doing real-time protection. But, you will notice a performance impact when a full scan is running. This is similar to what you would experience with other products.

In summary, Microsoft Security Essentials was very easy to download and install. I found it simpler to use than competing free products like AVG Free. Several independent labs tested the efficacy of the product during the beta period. They all report sufficient detection and remediation of threats.

So, if you have a Windows XP, Vista or 7 computer at home and don’t want to spring for a commercial product, it looks like Microsoft Security Essentials is a winner!

- Dan

Sorry to bring this up, but your computer is not perfect. Neither were the programmers who wrote the programs. Neither were the dude’s who designed the hardware. And of course the user is not perfect!

Patches and Updates are used to correct programming errors and fix vulnerabilities in the software.

It is difficult to keep up with the vulnerabilities that are found for Windows, OS X and all the programs that are running on them.

So, today’s tip is to use the automated facilities of Windows and OS X to automatically update the operating system and applications.

To enable this in Windows, go to the Control Panel and look for Automated Updates.

For OS X, go to the System Preferences application and open Software Update.

Both Windows and OS X allow for the computer to download the updates on a set schedule. When you are notified of updates, you should let them install.

It’s convenient to just turn on your computer, go get a cup of coffee and have the desktop waiting for you when you come back. Right?

But do you realize that you are putting your sensitive data at risk when you do that?

What if you lose your computer? One barrier to the Bad Guys accessing your files is removed. I can think of countless scenarios similar to this.

If you are running Mac OS X, here are the steps to turn off automatic login…

1. Open System Preferences and then open the Security pane.



2. Put a check mark beside “Require password to wake this computer from sleep or screen saver”, and also put a check mark beside “Disable automatic login” for all accounts on this computer.

What about Windows XP or Vista? First off, you need Local Administrator rights to make this change. Second, if you are joined to a Domain, then by default your auto-login is turned off and this is managed by the Domain Administrator.

Here are the steps to turn off automatic login in a Windows XP and Vista environment…

1. Go to Start… Run… and then type control userpasswords2 in the Run… box and hit enter.



2. Put a check mark in the box beside Users must enter a user name and password to use this computer. Click Apply, then OK.

That’s all there is to it! Pretty simple, and greatly increases the security of your files in the event you lose your computer, or someone without permission turns your computer on.

- Dan

You’ve probably heard that a worm is set to kick off on April 1, which will cause untold damage to your computer and will spread quickly across the Internet.

Before panic sets in, take the time to read this Q&A from f-secure. It addresses the basic facts about Conflicker. Also, the Q&A shows the simple steps that you can take to protect yourself from Conflicker.

Questions and Answers: Conficker and April 1st – F-Secure Weblog : News from the Lab

The best steps you can take to protect yourself is to

• make sure that your anti-virus software is up-to-date with both the engine and the signatures, and to do a complete scan of your computer, and
• make sure that you have the latest Windows patches installed on your computer. This can be done through the Windows Update service.

If you do get infected from Conflicker, f-secure also has a tool to clean your computer. The link is toward the bottom of the Q&A page.

Update: Conflicker only affects Windows. If you are running OS X or Linux, you cannot be infected.

Have fun!

- Dan

This following report came out on March 23, 2009. It reports that many people are falling prey to false warnings that “your computer is infected”, and then click the link to install some super anti-virus product that is really bogus.

Finjan: Bogus Anti-virus Is Big Business

I’ve helped many people remove bogus AV software from their computers.

Your small business should have a standard AV product that you use and users need to understand that they should *not* click on pop-ups advising them that they don’t have sufficient AV protection.

Later…
- Dan

You probably have sensitive information stored on your notebook computer and may not even realize it. The loss or theft means that sensitive or confidential information has been removed from your control. Who knows where the information will end up, or what it will be used for.

1. You can take some very practical steps toward protecting the sensitive information that is stored on your notebook computer. Let’s start with basic steps and progress to some more complex solutions.
2. Make sure that your notebook is configured to disable automatic logins into Windows, or whatever operating system you choose to use. While it is convenient to just turn your computer on and begin using it, if it is lost or stolen, there are no barriers preventing access to the sensitive information.
3. Consider enabling the boot password. This is sometimes called the BIOS password. Notebooks using the newer EFI have a similar capability. This provides yet another barrier in the event of theft.
4. Disable the default administrator account. Many Windows users do not even know that they have an administrator account active. Unix or OSX users should make sure that this account has a very strong password.
5. Speaking of passwords, your user login (and the administrator login) should have a password that is complex. It should be a combination of letters, numbers and special characters. It should not be written on a label that is stuck to the keyboard. Yes, I have seen this done!
6. Consider whether you really need this sensitive information on your computer. If you are in a public school, do you really need your complete grade book with student names, addresses and phone numbers on your notebook? If you have a small business, do you really need the credit card numbers from your on-line sales carried around on your notebook?
7. If you determine that you really do need the sensitive information with you, then you should use file or disk encryption. Most recent operating systems have this feature built in. If you need or want more features there are a variety of 3rd-party encryption solutions available. Windows XP comes with EFS. Windows Vista has Bitlocker. Mac OSX has Filevault and can create encrypted disk images. If a more robust solution is required, consider PGP Disk or TrueCrypt.

The bottom line is this, the loss or theft of a computer containing sensitive or confidential information can have a significant impact on your reputation, or the reputation of your organization. Are you willing to accept this risk?

- Dan