Computer Security

All computer software has security vulnerabilities because of careless computer hardware engineering along with careless software engineering. They fix vulnerabilities and then add new functions creating new vulnerabilities! That means the computer you buy has computer chips that were designed with buffer flaws and operating system software with default settings that are not set to the best security.
http://www.google.com/search?num=100&q=%22unchecked+buffer%22
http://www.google.com/search?num=100&q=%22buffer+overflow%22
http://www.google.com/search?num=100&q=%22buffer+overrun%22
http://www.google.com/search?num=100&q=%22integer+overflow%22
http://www.google.com/search?num=100&q=%22stack+overflow%22
http://www.google.com/search?num=100&q=%22heap+overflow%22

Choices of Internet Browsers:

Java, JavaScript, IE Script, ActiveX, Shockwave, Flash, certain plugins and other web enhancements greatly increase your computer security risk, but disabling them greatly reduces the risk. Webmasters should take the hint and quit putting so much unnecessary and dangerous junk code into webpages.

Set your preferences before using any new browser on the Internet! For best security, uncheck Java, uncheck JavaScript, uncheck Plugins, check No Images, check No Cookies, No Automatic Updates, No CSS, No Skins, No Icons or Favicons, No ActiveX, etc. You can always toggle the preferences to enable them on trusted websites!
http://www.cert.org/tech_tips/securing_browser/

All browsers have security vulnerabilities, but most have few, except Internet Explorer, which has many. Security vulnerabilities are greatly reduced with the use of strict security procedures such as firewalls, virus scanners, spyware scanners and high security settings and preferences on your computer.
http://www.google.com/search?num=100&q=Opera+security+buffer-overflow
http://www.google.com/search?num=100&q=Firefox+security+buffer-overflow
http://www.google.com/search?num=100&q=SeaMonkey+security+buffer-overflow
http://www.google.com/search?num=100&q=Mozilla+security+buffer-overflow
http://www.google.com/search?num=100&q=Netscape+security+buffer-overflow
http://www.google.com/search?num=100&q=Avant+security+buffer-overflow
http://www.google.com/search?num=100&q=Internet-Explorer+security+buffer-overflow

The best tips and tricks on the Internet for Windows and power users are at:
http://www.mdgx.com/
http://www.mdgx.com/toy.htm#NET FREE 9x/NT/2000/ME/XP/2003 INTERNET BROWSERS

Opera (latest version that is now free or 8.54 and 5.12 for old computers with Windows 9x)
The fastest and best browser for older computers, and the best for power users after directly editing the Opera ini file instead of setting preferences through the user interface!
http://www.opera.com/index/
http://www.opera.com/docs/changelogs/
http://www.opera.com/download/index.dml?step=2&opsys=Windows&platform=Windows
http://arc.opera.com/pub/opera/

Note for those using Opera browsers: edit opera6.ini and add under [User Prefs] EnableLastActiveChildOnDocWindowChange=1 and under [Cache] Check Expiry History=2. This will greatly speed up the loading of long pages using the same tab when going back.

Firefox (latest version - this is Open Source software)
Fast on newer computers, great for power users, and better with extensions.
http://www.mozilla.com/firefox/
http://www.mozilla.org/support/ - http://www.mozilla.org/support/firefox/
https://addons.mozilla.org/firefox/extensions/
http://ftp.mozilla.org/pub/mozilla.org/firefox/ for .zip
nightly/latest-mozillax.x.x/ or tinderbox-builds/mozxxx-win32-tbox-mozillax.x.x/

SeaMonkey is the updated version of Mozilla (latest version - this is Open Source software)
http://www.mozilla.org/projects/seamonkey/releases/

Mozilla (old but updated for security patches - this is Open Source software)
http://www.mozilla.org/releases/

Netscape (latest version)
Older versions had too many software bugs!
http://browser.netscape.com/
http://plugins.netscape.com/ also you can use plugins in Mozilla products
http://ftp.netscape.com/pub/

Avant
Add on for Internet Explorer
http://www.avantbrowser.com/

Internet Explorer (IE 6.0 SP1 was the last one for Windows 98 and IE 5.5 SP2 for Windows 95)
This browser is not recommended for security reasons because its code is integrated into the Windows operating system! Use only for testing purposes or offline.
http://www.microsoft.com/athome/security/update/bulletins/default.mspx
http://www.microsoft.com/windows/ie/downloads/default.mspx
http://www.microsoft.com/technet/downloads/ie.mspx
http://msdn.microsoft.com/ie/downloads/default.aspx
http://www.microsoft.com/downloads/results.aspx?pocId=6&freetext=&DisplayLang=en
http://support.microsoft.com/gp/sp/
http://windowshelp.microsoft.com/Windows/en-US/internet.mspx

Why is Internet Explorer unsafe?
http://browsehappy.com/why/
http://www.google.com/search?num=100&q=Internet-Explorer+unsafe

http://www.google.com/search?num=100&q=Microsoft+meta-file+back-door

Microsoft Security Bulletins and Advisories
http://www.microsoft.com/technet/security/
http://www.microsoft.com/athome/security/

http://www.microsoft.com/windowsxp/
http://www.microsoft.com/windows98/ no longer supported
http://www.microsoft.com/windows95/ no longer supported
Microsoft's biggest greedy mistake was no longer supporting their old software that is still useful today!

The heck with Microsoft, use open source software!
http://www.msfree.com/

http://www.linux.org/
http://www.debian.org/
http://www.gnu.org/
http://www.google.com/search?num=100&q=Linux
http://www.openbsd.org/
http://www.openoffice.org/
http://www.xiph.org/
http://www.divx-digest.com/software/
http://www.opensource.org/site_index.html

http://directory.google.com/Top/Computers/Open_Source/
http://dir.yahoo.com/Computers_and_Internet/Software/Open_Source/
http://dmoz.org/Computers/Open_Source/Software/


Technology-based terrorist attacks remain a theoretical phenomenon, and businesses should focus instead on protecting themselves from demonstrable threats. Despite the incidence of high-profile digital attacks, cyber terrorism is a phenomenon that has never occurred.

The goal of terrorism is to change society through the use of force or violence, resulting in fear. Cyber terrorism is a theory; it is not a fact. An organisation should do the best it can to protect itself in the first place, whether attacks are coming from criminals or "cyber terrorists".

http://directory.google.com/Top/Computers/Security/
http://dir.yahoo.com/Computers_and_Internet/Security_and_Encryption/
http://dmoz.org/Computers/Security/

http://www.us-cert.gov/
CERT (Computer Emergency Response Team) Coordination Center of Carnegie Mellon University
http://www.cert.org/
SANS (System Administration, Networking, and Security) Institute
http://www.sans.org/

Network Security
http://www.eeye.com/html/Research/
Virus Bulletins
http://www.virusbtn.com/
Computer Incident Advisory Capability of Lawrence Livermore National Laboratory
http://ciac.llnl.gov/ciac/
National Security Institute's Security Resource Net
http://www.nsi.org/compsec.html
National Institute of Standards & Technology (NIST) Computer Security Resource Clearinghouse
http://cs-www.ncsl.nist.gov/topics/welcome.html
Purdue University Computer Science Department's Computer Security Resource Page
http://www.cerias.purdue.edu/tools_and_resources/
NTBugtraq (mailing list for those interested in Microsoft server security)
http://www.ntbugtraq.com/
Microsoft Security
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/Default.asp
http://www.microsoft.com/security/
Internet Security Systems' Xforce Security Site
http://xforce.iss.net/
InfoWar.Com's Information Security and Information Warfare "Portal"
http://www.infowar.com/forums/
Cisco Security Solutions
http://www.cisco.com/warp/public/cc/so/neso/sqso/
Intel
http://www.intel.com/business/bss/infrastructure/security/index.htm
Network Associates
http://www.networkassociates.com/us/security/resources/sv_home.htm

http://vil.nai.com/VIL/newly-discovered-viruses.asp
Authoritative Virus and Anti-Virus Information Sources
http://www.xtalwind.net/virus.html
Australian Computer Emergency Response Team (CERT)
http://www.auscert.org.au/
International List of Encryption and Computer Security Resources
http://www.cs.auckland.ac.nz/~pgut001/links.html

ICSA Labs Anti-Virus Certified Products
http://www.icsalabs.com/html/communities/antivirus/certifiedproducts.shtml
West Coast Labs Checkmark
http://www.westcoast.com/checkmark/

http://www.symantec.com/avcenter/security/Advisories.html
http://www.symantec.com/avcenter/vinfodb.html
Expanded threats exist outside of commonly known definitions of viruses, worms, and Trojan horses that may provide unauthorized access, threats to system or data security, and other types of threats or nuisances.
http://www.symantec.com/avcenter/expanded_threats/

http://netsecurity.about.com/
http://zdnet.com.com/2001-1105-0.html News Security

http://www.cigital.com/javasecurity/ Java Security Resources
http://sunsolve.Sun.COM/pub-cgi/show.pl?target=security/sec

http://www.cybercrime.gov/docs.html#doca
http://net-security.org/
http://www.cisecurity.org/
http://csrc.nist.gov/ NIST Computer Security Division
http://www.idefense.com/
http://lcweb.loc.gov/global/internet/security.html
http://www3.gartner.com/research/focus_areas/asset_48267.jsp
http://security1.gartner.com/section.php.id.19.s.1.jsp
http://www.counterpane.com/
http://www.issa-intl.org/ The Information Systems Security Association
http://www.psycom.net/iwar.1.html Information Warfare
http://www.strategicintel.com/
http://packetstormsecurity.org/
http://www.securityfocus.org/ or http://www.securityfocus.com/
http://lists.insecure.org/
http://www.iwar.org.uk/ IWS - The Information Warfare Site
http://www.antionline.com/
http://www.hackingexposed.com/
http://www.securityportal.com/
http://www.dso.com/
http://www.hackernews.com/
http://www.self-evident.com/
http://www.gocsi.com/
http://www.owasp.org/ Open Web Application Security Project
http://StaySafeOnline.info/
http://www.us-cert.gov/reading_room/
http://www.secureflorida.net/

http://www.infosyssec.org/

http://www.netsys.com/ The Intelligent Hacker's Choice!

http://www.grc.com/SecurityNow.htm podcasts

http://leovilletownsquare.com/ubbthreads/kfihome/index.php KFI's The Tech Guy show
http://www.techtv.com/
http://www.w3w3.com/05.CSecurity.htm Internet Talk Radio

http://www.mitnicksecurity.com/ - Kevin Mitnick's security website

http://www.eff.org
http://www.2600.com/
http://www.defcon.org/
http://hacktivismo.com/
http://www.hackerz.org/
http://www.phrack.org/show.php
http://www.h2k.net/
http://www.wiretapped.net/
http://www.attrition.org/news/
http://www.cultdeadcow.com/main.php3
http://defcon.org/
http://www.phreaknic.info/
http://whitehats.com/
http://www.blackhat.com/
http://Zone-H.org/
http://www.theargon.com/articles/
http://www.phreak.org/html/main.shtml
http://www.totse.com/en/technology/index.html
http://www.ccc.de/

Also see: No Privacy with New Technologies

Also see: Benefits and dangers of using proxy servers

Here is what you can do to enhance the security on your Personal Computer (PC).

 

  1. Do not open any files attached to an email or IM from an unknown, suspicious or untrustworthy source.
  2. Do not open any files attached to an email or IM unless you know what they are, even if they appear to come from a dear friend or someone you know. Some viruses can replicate themselves and spread through email. Better to be safe than sorry and confirm that they really sent it.
  3. Do not open any files attached to an email or IM if the subject line is questionable or unexpected. If the need to do so is there, always save the file to your hard drive before doing so.
  4. Delete chain emails and junk email. Do not forward or reply to any of them.
  5. Do not download any files from strangers.
  6. Exercise caution when downloading files from the Internet. Ensure that the source is a legitimate and reputable one. Verify that an anti-virus program checks the files on the download site. If you are uncertain, do not download the file at all or download the file to a floppy disk and test it with your own anti-virus software.
  7. Update your anti-virus software regularly. Over 500 viruses are discovered each month, so you will want to be protected.
  8. Back up your files on a regular basis. If a virus destroys your files, at least you can replace them with your back-up copy. You should store your backup copy in a separate location from your work files, one that is preferably not on your computer.

 

What to do if you are a victim of credit card fraud or other kinds of online scams

When you use a credit card, you can be vulnerable to fraud, whether you pay online, over the phone, or even in person at your neighborhood grocery store. That is because whenever you pay with a credit card, companies need to verify your account before they can provide you with goods and services. Unfortunately, because this credit information is stored on large computer servers, it can also be the target of hackers looking for ways to break into the system and get the information so they can use it to commit fraud.
If you think you have been the victim of fraud or a scam, immediately follow these steps. The faster you contact the proper authorities, the more likely you are to minimize the damage a scammer can do to your identity, your credit, and your bank account.

  1. Close any affected accounts
  2. Place a fraud alert on your credit reports
  3. Contact the proper authorities
  4. Record and save everything

Close any affected accounts
Contact the genuine company or organization if you believe you have given sensitive information to an unknown source masquerading as that real company or organization. If you contact the real company immediately, they might be able to lessen the damage to you and others. Then:
1. Speak with the security or fraud department about any fraudulently accessed or opened accounts at every bank or financial institution you deal with, including credit card companies, utilities, Internet service providers, and other places where you regularly use your credit card.
2. Follow up with a letter and save a copy for yourself. When you open new accounts use strong passwords, not passwords such as your mother's maiden name, along with a new account number.
Change the passwords on all of your online accounts, starting with any that are related to financial institutions or information.

Place a fraud alert on your credit reports
In the United States, you can contact these three credit bureaus:
Equifax (800) 525-6285
Experian (888) 397-3742
TransUnion (800) 680-7289

Get a copy of your report (victims of ID theft can receive copies of their credit reports for free) and ask that no new credit be granted without your approval.

Make sure your account is flagged with a "fraud alert" tag and a "victim's statement," and insist that the alert remain active for the maximum of seven years.

Send these requests in writing and keep copies for yourself. When you receive your reports, review them carefully. Look for things like inquiries you did not initiate, accounts you did not open, and unexplained debts.
Outside of the United States, you can contact your bank or financial institution, who can direct you to the relevant organization or agency.

Contact the proper authorities
In the United States, contact the Federal Trade Commission (FTC)

File a complaint. If you are a victim of any type of identity theft, you can report the theft by calling the FTC's toll-free Identity Theft Hotline at (877) ID-THEFT or (877) 438-4338. Counselors will advise you on how to deal with the credit-related problems that can result from identity theft.

Download and print the FTC's Identity Theft affidavit. Fill it out and send it to credit card agencies to help minimize your responsibility for any debts incurred by those who stole your identity. Your case will be entered in the FTC's nationwide "Consumer Sentinel" database of ID theft cases, which helps law enforcement agencies find criminal patterns and catch the thieves.
File a report with your local police department

Get a copy of the police report to notify your bank, credit card company, and other creditors that you are a victim of a crime, not a credit abuser.

Depending on where you live, you might be required to file a report in the jurisdiction where the crime actually took place.

Record and save everything
As you complete all these steps to clear up the wrongdoing, always make print copies of documents for yourself (including e-mail messages, written correspondence, and records of telephone calls) and file them somewhere safe. For telephone or in-person conversations, follow up with dated confirmation letters to the organization, and save a copy for yourself. State in the letter what was covered in the conversation, and list any follow-up items that you or the representative have committed to in the conversation.

Additional resources:

http://www.fraud.org/ the National Fraud Information Center. Use the online complaint form or call (800) 876-7060.

http://www.usdoj.gov/criminal/fraud/idtheft.html U.S. Department of Justice ID Theft kit

http://www.ftc.gov/bcp/conline/pubs/credit/idtheft.htm Federal Trade Commission's document, Take Charge: Fighting Back Against Identity Theft, which includes sample dispute letters and other recovery procedures.

http://www.privacyrights.org/identity.htm provides a detailed 17-step plan to follow if your ID is stolen.

http://www.idtheftcenter.org/index.shtml Identity Theft Resource Center

http://www.consumer.gov/idtheft/

http://www.cfenet.com/resources/fraud.asp

Personal Infrastructure Protection 101:

http://www.google.com/search?num=100&q=identity+theft+site%3A.gov
http://www.google.com/search?num=100&q=identity+theft+site%3A.edu
http://www.google.com/search?num=100&q=identity+theft+site%3A.org

 

Before you post any information online:

Be choosy. From the start, limit the amount of personal information you give to a site. Only share your primary e-mail address with people you know, and avoid listing any information in large Internet directories.

When shopping online know your sources. The kinds of vendors who sell deeply discounted electronics tend to be different than those selling knitting supplies. Limit your purchasing of expensive, popular items to prominent companies with clear privacy policies. And find out what others say about the sellers and selling sites by reviewing seller and buyer feedback and checking out comparison sites such as Epinions.com or Bizrate.com.

Read the Web site's privacy statement carefully. This statement should tell you how and why a business is collecting your information. If something does not sound right to you, contact the company with questions before you divulge any personal information. If the site does not post a privacy policy, take your business elsewhere.

Post your resume only on prominent job sites. Be sure that any Internet job sites you use have privacy policies that only allow verified recruiters to scan your information. Do not post your resume on your own Web site.

Avoid participating in sweepstakes or other such marketing-driven events, both online and offline.

Get off the lists (and stay off)

Find out where you are currently listed by doing your own online research. Search for your name in the popular search engines and in online directories, such as the ones listed in the sidebar on the right of your screen.

Request that your name be removed from online directories. If it is not clear how to do this on a Web site, use the "Contact Us" link or address at the bottom of the directory site.

Get an unlisted phone number or at least have your address unlisted. Also, instruct your phone and Internet service providers to remove any existing personal information of yours from all of their directories.

Set up a special e-mail address solely for online activities such as shopping and newsgroups. This way you can close it if needed and start a new one without disrupting your business or personal e-mail correspondence.

Keep a record any time you give your personal information to a company so you can ask them to remove it later if necessary.

 

If you have a laptop computer with wireless connectivity built-in or through an inserted wireless network card, you can now surf the Web in some coffee shops, airports, hotels, and even fast food restaurants using public wireless networks, or WiFi. Here are quick tips for enjoying the convenience of WiFi and helping to protect your privacy.

Use a firewall
A firewall is a protective boundary that monitors and restricts information that travels between your computer and a network or the Internet.

Use encryption
You can secure your home wireless network with different types of encryption with varying effectiveness. If you are using public WiFi, network encryption is often out of your control. Check the privacy statement on the network's Web site to learn more about the type of encryption they use. If they do not have a privacy statement, you would be better off not using the network.

Tip: If you must enter credit card numbers while using a public wireless network, make sure you see a locked padlock icon at the bottom right corner of the browser window, and make sure the Web address begins with https: ("s" for secure).

Do not type in credit card numbers or passwords
The measures listed above will provide some protection against casual hackers and identity thieves who prey on wireless networks. But if the bad guys are determined enough, they will eventually find a way to get around any security system. If you want to be safe, avoid typing any sensitive information, such as your credit card number or any other financial information, into your computer while using a public wireless network.

 

Public computers at libraries, Internet cafes, airports, and copy shops are convenient, cheaper than buying your own laptop, and sometimes even free to use. But are they safe? It depends on how you use them.

Do not save your login information
Always log out of Web sites by pressing logout on the site, instead of by closing the browser window or by typing in another address. This will help keep other users from accessing your information.
Many programs (especially instant messenger programs) include automatic login features that will save your username and password. Disable this option so no one accidentally (or on purpose) logs in as you.

Do not leave the computer unattended with sensitive information on the screen
If you have to leave the public computer for any amount of time, log out of all programs and close all windows that may include sensitive information.

Erase your tracks
When you are done using a public computer you should delete all the temporary files and your Internet history.
To delete your temporary Internet files and your history
1. In Internet Explorer click Tools and then click Internet Options.
2. On the General tab, under Temporary Internet files click Delete Files and then click Delete Cookies.
3. Under History, click Clear History.

Watch for over-the-shoulder snoops
Because there is so much in the news about how hackers can digitally sneak into your personal files, we sometimes forget about the old-fashioned version of snooping. When you are using a public computer, be on the lookout for thieves who collect your information by looking over your shoulder or watching as you enter sensitive passwords.

Do not enter sensitive information into a public computer
The measures listed above will provide some protection against casual hackers who use a public computer after you have. However, an industrious thief may have installed sophisticated software on the public computer that will record every keystroke and then e-mail that information back to the thief. Then it does not matter if you have not saved your information or if you have erased your tracks. They still have access to this information.
If you really want to be safe, avoid typing your credit card number or any other financial or otherwise sensitive information into a public computer.

 

Tips on how to help reduce risks when selling or discarding computer hardware

If you are ready to replace, sell, or retire your old computer, it is very important to eradicate personal data stored on its hard drive before unplugging it for the last time. You should always remember that even though you manually delete computer files, an identity thief might still be able to recover them, possibly putting you or your family at risk.
Remove the files yourself at home using disk-cleaning software. It is not difficult to do, and many cleaning utilities are free. Before you donate or sell your computer, use disk-cleaning software to erase the following:

E-mail contacts

E-mail messages

All documents

All files in the operating system recycle bin or trash folder

Internet files


Disclaimer

External links are provided for research and information only. The external links on this Web site do not constitute endorsement or approval by me. I am not responsible for the contents on any external link referenced from this Web site.
