As of July 2010, I consider the following advice essential to protecting your privacy & online security if you’re using Microsoft Windows:
Free antivirus that protects your computer from malware (viruses, spyware, adware etc). Available only to genuine Windows installations.
Firefox Web Browser
Free web browser for the security conscious. Always auto-update when prompted. Use the following add-ons to protect your online privacy & security:
Free add-on for Firefox that stops stuff happening automatically on your computer without you approving it. You can teach NoScript which sites you trust for automatic script execution. Essential for a safe online experience.
Free add-on by the Electronic Frontier Foundation that automatically uses an encrypted connection to the website you visit, if it’s available (and configured in the preferences). Allows you to be lazy and search at http://google.com, browse http://wikipedia.org, blog on http://wordpress.com using your old bookmarks/URLs, while transparently redirecting your connections to the encrypted versions (https://) of the websites.
Free add-on for Firefox that blocks most advertising banners, making for a simpler, safer browsing experience.
Conspiracy (for advanced users)
Free add-on for Firefox that shows you which countries the Certificate Authorities that authenticate your current TLS session are registered in. Might help expose man-in-the-middle attacks (e.g. when connecting to a UK site and noticing a Chinese flag popping up).
Certificate Patrol (for advanced users)
Free add-on for Firefox that notifies you of any new SSL certificates accepted or any existing certificate being replaced. May help expose man-in-the-middle attacks.
No tool can protect you without some help from your own decisions & actions.
- Keep your Operating System updated by always installing the latest patches/service packs from Microsoft update.
- Keep your important software updated: Java, Adobe Flash plugin, your PDF reader of choice (I recommend FoxIt Reader instead of Adobe Acrobat Reader), your media player of choice (I recommend
SMplayerVLC), Skype etc. Most have auto-updating mechanisms. When prompted to update, evaluate the authenticity of the program asking you to make this change.
- Never install codecs/plugins or any other software (free games, utilities etc) that some “friend” asks you to install to see the latest “funny video”. If it’s supposed to be a video or music file and VLC can’t handle it, it’s probably not legitimate.
- Think before you click “OK” on the next popup message. There must be a way of turning off repeated mundane warnings, otherwise you’re doing something wrong.
- If something strange happens, capture it with a screenshot before proceeding . It’s like taking a snapshot of your screen. Hit the “Prnt Scrn” button, then go to “Start” -> “Run” and type mspaint. Hit Enter, then hit CTRL-V simultaneously on your keyboard (for “Paste”) and save the image on your desktop as type JPG. Now you can send this file to your friends (or an online support forum) and ask people what’s going on.
Automatically backup your computer
This is not an online security tip, but when the inevitable happens and a hard drive melts, your computer gets stolen, or destroyed by the next good Samaritan “expert” trying to “fix” your computer, you will be relieved to know you have backup copies of your most valuable files somewhere else.
Use Mozy (free for 2GB of data) to keep an online copy of your valuable files.
[Update: 14 Jan 2011] I’ve had trouble with Mozy so I now use CrashPlan. If you agree to backup to each other with a friend of yours, and you have enough disk space, this is a free solution that works well.
If you’re using Windows 7, a backup tool is included that allows you to take a full backup of your hard drive to an external (e.g. USB) drive. Use it. While you’re at it, create a System Repair Disk as well. It’s bound to be useful one day.