Part 3 and conclusion of the series The Secret Behind Updates.
Guess which question my clients ask me the most? Which is the best antivirus? My answer…
If your antivirus gives you a sense of security, it’s only an illusion: it is 99% marketing and fingers crossed and 1% protection. Your antivirus has as much of a chance of preventing an infection than the police has of stopping a burglar in the act. Normally the police is called after the theft has occurred. Let’s be realistic: it’s an impossible task for the police – they cannot be everywhere – as the antivirus cannot be aware of all viruses.
If you have trouble believing this statement, considering the following: if antivirus programs protected users, nobody would contact me because of a virus or malware. This is obviously not the case.
So if the promise of security by antivirus programs is unrealistic, should we abandon computer devices? Or at least stop using them to conduct financial transactions? It’s a personal decision, but I don’t believe it is necessary, especially with the protection currently offered by banks. Just the same: as it is unwise to rely on the police to protect our home from thieves, it’s up to us to put in place appropriate protection measures. Good news! In the case of computers at least, there is no better protection on Earth than your good judgment. Seriously.
Take heart: you don’t need to be an engineer to ensure your own personal computer security. Even if computer science is constantly evolving, you can have quasi permanent security, in several layers, enough to make you undesirable in the eyes of small time hackers looking for easy prey. Let’s get real: the really intelligent, patient hackers are looking to steal state secrets and other high level targets. They are not interested in the average user. If you develop a good “computer judgment” by observing a set of rules not that hard to remember, you can use your computer devices practically anywhere in safety. And you can do this without having the latest updates that may cripple your device. This will enable you to obtain better performance and reliability from your devices, for much longer than the average person.
Security in layers and rules to remember
A “Standard” account:
On laptops and desktops Windows and Mac, the most powerful protective measure is to work with a limited rights account, that is to say, a “standard” account instead of an “administrator” account. The logic has two beneficial effects: firstly, if you limit your rights, you prevent serious malicious software, that requires an administrator account, to install without your knowledge. Secondly, if you download and install software without knowing that it is malicious, you limit the damage to your user account only. In other words the rest of the computer remains untouched and the malware can be removed more easily.
In the photo here below my Windows account is a standard Windows 8.1 account linked to my email address. Alternatively, you can have a standard account that is not linked to an email address. In the photo below, the account that I named “Chef” has administrator level rights. If a window pops up on my screen asking me the password to this account, I know that some software wants a “special” permission to put its tentacles deeper in my system. If I just made a change, such as installing a program or attempted to make a change in my settings, I know that I am the cause of this popup and I will grant it permission. Otherwise, if you have not done anything of that nature, an alarm bell should ring in your head. You should deny the request and investigate the source of the request. This is the same principle for Mac PCs and Windows tablets, but not for Android tablets and smart phones, or for iPads and iPhones. Tablet and smartphone apps are believed to have been already vetted for malware by the respective app stores. If you should ever need to install apps offered outside the official stores, make sure you trust the company making the app.
Java and Flash:
Java is a programming language and Flash is a plug-in for browsers such as Internet Explorer, Firefox and Google Chrome. They are both practical for computing devices and web pages but they have become tempting targets for hackers. The good news is that you can function without them the vast majority of the time. You can uninstall Java from the list of your software in Windows, without ever having to think about it again, unless you use a web feature that requires Java, such as viewing security cameras for example. You could always reinstall Java if necessary. For Mac users, Java is no longer available by default unless you installed it to meet a requirement of some software.
Regarding Flash, it is going away to be replaced by something safer called HTML5. Flash is not used on most tablets and phones, and even Google Chrome on the PC is going to abandon it soon (see: Google Starts Retiring Flash). But there are still many Internet videos that require Flash, unfortunately. If you want to keep it, keep the program up to date so that the unsafe security holes are plugged. It may seem like I am contradicting myself here, but Flash updates are not likely to get bloated to slow down your computer. Just be careful when updating to remove the checkmark next to the “Optional Downloads”. Otherwise you will be getting unwanted programs installed, such as McAfee Security Scanner, which is a blatant advertisement that will consume some of your computer’s resources, or other unwanted software.
On the Internet, use different, sophisticated passwords for each account. It’s impossible to remember 100 passwords. That’s why I encourage you to write them down in a well-disguised and hidden document. It’s easier to create good passwords with short sentences. For example: “Givememyinfo2016” is an extremely strong password and virtually impossible to crack by malware tools, because even though it contains words in the dictionary, cracking tools are not sophisticated enough to understand multiple words joined together. Multiple non-English words are even stronger as cracking tools concentrate mainly on English. You could even put hyphens or other symbols between each word if it can make reading easier. Make it clear in your password documents whether you’re using uppercase or lowercase letters, and if symbols are actually part of the password or just a visual clue. Some people rely on software to remember passwords and websites to generate new passwords. Although they can be practical, I don’t trust them, because they can be hacked as well.
Let’s start with the most crucial information: your financial institution and the government will never send you a link to click on in an email. Do not fall for this phishing attempt! Spam messages are designed to look real, but they are not and the tell tales are there. How is the message addressing you specifically? “Dear customer” or just your “email address” is a sure fire way to know it is a spam. Delete. The same principle applies to phone calls from fraudsters who attempt to impersonate employees from Microsoft or the Canada Revenue Agency: simply hang up.
Using Wi-Fi away from home :
Your home or office Wi-Fi that you can only connect to with a password is safe. Outside of these locations, Wi-Fi may be compromised and hackers may be recording your every keystroke. If you conduct financial transactions using that unsecured connection, make sure you have a VPN. VPN means virtual private network. It encrypts communication from your computer to the websites you are using. So any hacker intercepted communications will be garbled and impossible to decipher. I personally use “Private Tunnel” but there are many companies offering VPN services. I use it on my tablet and smartphone. Installation and connection are straightforward, and costs are extremely reasonable, even free for light users. For travelers, the VPN is essential.
How slow or stop updates in Windows and Mac:
All versions prior to Windows 10 allow easy control of updates by going to Control Panel, Windows Updates. You can either stop updates altogether or receive notifications for new ones and choose which ones you want to install. My philosophy: If my computer is not broken I will not try to fix it. Windows Updates are off in all of my computers. I will only look for an update to a driver if a device is malfunctioning and no other solution is available.
With Windows 10, as mentioned in a previous newsletter, business users with Windows Professional have the option of delaying the updates by clicking on “Defer” as shown in the image below. Users of Windows Home have no control other than an immediate restart to install or schedule install in the next 24 hours.
To take control of updates in Mac OS X, click the Apple menu in the top-left corner, System Preferences and App Store. From here you can uncheck the options like in the image below.
Updates for smart phones and tablets: almost no control for users
With the iPad and iPhone, as well as Android smartphones and tablet, it’s impossible to predict how long you will be able to ignore updates to the operating system. At least, if you can delay the inevitable a few weeks, then at least you have a better chance of avoiding updates with major bugs that can cripple your device, after other guinea pigs will have reported them already.
Oh the beautiful promises that are made by manufacturers. See the image below that “encourages” users to update. New, enchanting options, yes, but will the additional kilos they will weigh make the performance of your device intolerable? You may believe that you can go back if an update is not to your liking, but that’s not always possible or easy if the recovery image, i.e. the rescue data, was also updated. For example, you might uninstall the update to Version 5.1 and only be able to return to Version 5.0, not the initial trouble-free version 4.0 that came with your machine initially.
Do yourself a favour: at least disable automatic app updates. This will reduce the chances that your tablet or smartphone crashes unpredictably. Go to Google Play, Settings and long-press “Auto-update apps” to get in and uncheck the appropriate box. Only update an app as a last resort, for example, if settings in the app itself does not solve a problem you’re having.
To stop auto app updates on the iPhone and iPad, go to Settings (Settings), iTunes & App Store and close the “Updates” button.
It is quite possible to keep your computerised devices going faster, longer, and safely, if you refuse to accept manufacturers’ updates. It will take a little time and effort if you want to do on your own, without professional assistance from someone like me. The way I see it is if you buy a device, you adopt it in your “family”. I believe that we are responsible for making it last as long as possible, within reason, not only to save money, but to decrease environmental pollution as well.
Until next time,
QUESTIONS OR COMMENTS? Go to the bottom of this page.
LIKED THIS ARTICLE? Go ahead and Share It using the buttons below.
Apple is targeted in the article below but Microsoft and Google operate in the same way.