10 ways to mess up your PC
I've mention several times in the past that I am a subscriber to the free online newsletter called Tech Republic. This recent posting on the 10 ways to mess up your PC is a classic. If you want a PDF version, you have to register for it, but at least it's free ...
DON'T USE A SURGE PROTECTOR
Like the smell of bacon frying? Face it, we live in storm city here on the North Coast, so use a surge protector or refrain from complaining when your PC smells like a Memorial Day BBQ.
DON'T USE A FIREWALL
I know lots of people who don't lock their front door because it makes them feel like they're living in a Leave it to Beaver sitcom. I agree that living on the North Coast means a harkening back to the old days of public trust, but using the Internet means EVERYONE has access to your computer, around the world. For God sakes, LOCK UP.
DON'T USE ANTI-VIRUS OR ANTI-SPYWARE
Are you in a monogamous relationship with someone for the past 30 years? Then a condom isn't necessary. But in the computing world, USE PROTECTION. The variety of attack programs out there is staggering. Be safe.
INSTALL TONS OF PROGRAMS, ESPECIALLY BETA TEST PROGRAMS
The more programs you install, the more you are (exponentially) exposed to system conflicts, hidden spyware, and headaches. Use what you need, but use some discretion, and DON'T take everything that's offered to you. Pay special attention when you get a message asking "are you sure you want to load this program?"
DON'T DEFRAGMENT
Windows and even Mac have built-in defragment programming tools. When you write anything to a disk, it writes to the most available space, which is not necessarily contiguous. Deframenting on an occasional basis means a faster running PC with fewer operating problems.
OPEN ALL ATTACHMENTS
Email is the Trojan Horse. Want to see what's inside? Easy. Just open every horse that comes to your gate. Some have marauding soldiers aimed at attacking your computer. Here are some clues ... NEVER open a file that ends with ZIP or EXE. There are a whole host of other attachments that also cause problems, but BE SELECTIVE.
CLICK ON EVERYTHING
Many email programs include a feature that disables links and required that you affirmatively shut off the protection every time you want to click on an email link. If you can't help yourself, turn this feature on. Otherwise, be careful what you click on, ESPECIALLY in unsolicited email. Pass your cursor over the link to make sure it is going where it is supposed to go (ie. Bank of America, Chase Manhattan, PayPal, etc.). If it says ... http://1234.5678.910.11.12, or some other unrecognizable address, DON'T GO THERE.
SHARE FILES
See ANTI-VIRUS / ANTI-SPYWARE, for the clue on this one. Share and share alike means everyone has access to your computer. Not a good idea.
PICK THE WRONG PASSWORDS
It is amazing that so many people use 1234 or their first name as their password. Even if you use something unusual like "precipitation," password cracking software can detect dictionary words in less than 10 seconds. Try mixing numbers and letters in more random patterns. But don't get crazy. An 8-character password using all letters is easier to crack than a 4-character password using mixed letters and numbers.
DON'T BACK-UP YOUR FILES
It's a poor rat that only has one hole to crawl into. If you feel absolutely certain that your computer won't crash, that you won't get invaded by a virus or spyware, and your office or home won't catch fire, then don't back-up. Otherwise, get with it and explore the options of backing up your files.
There ... you are well one your way to safe computing.
Chris Crawford
www.justiceserved.com
Comments
You wrote: "DON'T USE A SURGE PROTECTOR".
Better yet, use an Uninterruptible Power Source (UPS). Not only do they offer surge protection, if you have a power outage they keep your computer powered up long enough to shut it down safely.
You can buy a UPS at Staples for under $100, depending on how much power you need. The more juice your computer uses, the more power (and thus more expensive) you'll need.
Still, the UPS I bought for my high power Alienware machine cost something like $127, before sales tax.
Remember, they're only meant to supply a clean source of power and outage protection. They're not meant to continue running the computer (other than to shut it down) in a power outage.
I know a local businessman who bought a UPS for his shop computers. He was somewhat ignorant of how the UPS worked.
The power went out at his business one day and he was working on the computer. The computer kept running and he thought, "how cool!" and kept on doing what he was doing. After about 15 minutes, the UPS battery drained and the computer went dead.
He lost all his data and had to pay someone something like $5000 to restore his data.
If he would have used the extra power to just shut down his computer, he would have saved himself thousands of dollars. He didn't know that, though. He thought using the UPS was akin to running his computer on a generator. It's not.
Posted by: Fred Mangels | May 30, 2006 02:36 PM
Right you are, Fred. A good UPS is better than a good surge protector. My trouble is that I leave my computer on and unattended for too long, so I can only shut down the computer if I'm here when the outage occurs.
I also lost a UPS once during a particularly nasty power surge, but those are the breaks.
Posted by: Chris Crawford | May 30, 2006 02:58 PM
Indeed. Things can go awry under the best of planning.
I'm not sure, but I think the software that comes with the UPSs that I use will shut down your PC for you if you leave your PC unattended and the power goes out.
I've had a couple outages and was present to manually turn mine of when I heard the UPS beep (aside from the fact it's usually obvious when you have an outage).
But seems to me, back when I installed the accompanying software, there were all kinds of messages, alerts and functions you could use the software to perform. If memory serves me correct, one of the functions was shutting down your pc after power was out for a certain amount of time (you set the time limit).
Never got around to using them in an actual outage because I didn't install the software on my Alienware and uninstalled it from my other desktop.
It was just one more program to load at boot up and run and some of the messages I'd get from the program I found more of an annoyance than anything else.
But, if I were the type to just leave my computer on all the time, I'd reconsider and perhaps use the software to cover for me.
Posted by: Fred Mangels | May 30, 2006 03:38 PM
Get a Mac.
Posted by: Mike Buettner | June 1, 2006 12:07 AM
I bought my current PC after my last one had a "kernal" error - not something you want to see. I told the sales/tech guy I was the worst file back-up user ever. They got my data transfered from the dead box, thankfully, to this dual 250 gig, mirrored drives puter. No more worries!
Posted by: Robb Willis | June 9, 2006 09:11 PM
Failing to back-up files (regardless of whether you use a Mac or Windows PC) is a huge problem. It's like failing to have batteries, flashlight, water and food in case of an earthquake or extended power outage.
Robb's "mirrored" drive is a good solution, but I got around this by an automated Internet back-up service called Ibackup.com. You can research other back up solutions at:
www.BackupCritic.com
Posted by: Chris Crawford | June 9, 2006 09:25 PM
I have an external 250 GB Firewire drive on my Mac. I use SuperDuper (shareware) to run scheduled backups of both internal drives to seperate partitions on the external.
Ironically in some 15 years I have never needed the backup. But I will never be without one.
Posted by: Mike Buettner | June 11, 2006 11:38 PM
Mike ... I have a Coleman stove with fuel stored in my garage that I've never used either, but in case of a days-long power outage or severe earthquake, it's there to make hot meals WHEN I need it.
I am a BIG Mac fan and used them exclusively in my early computing years. However, as I entered the IT consulting field, I had to use the machines my clients used. I don't recall ever having to restore backed up files on my Macs, but I have done so too many times to admit on my and my client's PCs.
THANKS for your comments!!
Posted by: Chris Crawford | June 12, 2006 02:44 PM
As a techie doing tech support for companies around the northcoast and in a previous life, a local tech support company, I want to thank you for bringing a bit of reality to users who may not otherwise give a second thought to their computer use.
I want to comment though, on the assertion that an 8-character letter-based password is easier to crack than a 4-character mixed letter and number password.
Assuming the 8-character letter based password is in either all upper or all lower case there are approximately 200 Billion combinations that can be used. 26 ^ 8 yields 208,827,064,576 according to google math
A four-character password with 36 options (26 letters and numerals 0-9) yields just 1.6 million combinations. Google says 1,679,616 I think we can agree that cracking a combination of 1.6 million would take less time.
While I agree with the thrust of your argument: that people need to use stronger passwords, it does not follow that merely combining letters and numbers in passwords will accomplish this goal.
With businesses, identities and our personal finances all at substantial risk from weak passwords it is without a doubt a necessity to choose strong passwords.
Most security experts suggest random combinations, but it's wishful thinking because who can remember them all?
A common trick I've found useful is using a phrase from a song or book replacing the first letter with either a letter, number, or character. For example:
Twas the Night Before Christmas And All Through the House ...
becomes:
22nbaa2
(replace T's with 2's or 3's or whatever you like as long as you remember)
Is it perfect? No. Adding characters like #&$($)!@ is better, but remember there are a lot of sites and systems that disallow extended characters.
I figure if it's going to take some hacker 60+ hours (on the speediest networked supercomputer) or approximately 700 years on a personal computer using standard decryption standards -- they will have earned the priviledge of knowing they have wasted their time getting my financials ;)
Again, thanks for the tips and good luck to all out there in cyber.
R. Walker
Posted by: Rob Walker | July 20, 2006 03:36 AM
Wow, Rob. Good comments ...
The 4 versus 8 character password recommendation came from a presentation I heard last year by Peter Tippett, a sort of cyber security contrarian and founder of what became Norton Utilities. Among the justifications he gave for this recommendation were the reduced risk of "social engineering," reduced help desk intervention for those who forget the passwords and the ease with which cracking software can detect dictionary words no matter the length. The group he was addressing were 75+ court CIOs from around the US, and his client list includes Fortune 500, government and military.
His main point was that no single solution would provide 100% protection, and adopting a mandatory 8-character password requirement did not yield a return on investment of headaches. Instead, he recommended a series of 85% solutions that, combined, came MUCH closer to 100% protection.
I should have elaborated on this point because on its face, you're correct ... the mathematical combinations to crack a 4-character password are less than those to crack an 8-character password.
Thanks ... I appreciate the discourse. Cheers !!
Posted by: Chris Crawford | July 20, 2006 02:57 PM