Protecting a single PC from viruses, malware, and other security risks is difficult enough. Now that the typical tech’d-out household contains multiple tablets and smartphones, as well as one or more PCs, securing all of them can quickly become a big hassle. Responding to all this hardware proliferation, McAfee has announced a new tool called LiveSafe that's designed to be a protective umbrella for pretty much all the devices we may juggle (Windows Phones and Chromebooks being the notable exceptions).

McAfee

LiveSafe has a Web-based central interface for managing all of its functions and protected devices. For Windows PCs and Macs, LiveSafe will offer antivirus, antispyware, and anti-phishing protection, plus a two-way firewall. Identity protection and parental controls will also be available, along with safety ratings for websites.

A few of the most advanced features will be available only if you happen to be buying a new Haswell-based PC or tablet when that hardware finally goes on sale. LiveSafe will leverage the Intel Anti-Theft Technology and Intel Identity Protection Technology (IPT) that's hard-wired into those new CPUs. The other LiveSafe features for PCs will work regardless of which CPU you're running.

For supported mobile devices, LiveSafe will provide antivirus protection, plus data backup and restoration. You’ll also be able to locate, lock, and wipe a lost or stolen mobile device. In addition, Android devices will get Web and app protection, while both Android and BlackBerry devices will have a filtering tool for phone calls and SMS text messages.

To read this article in full or to leave a comment, please click here

Arcticsid installed one antivirus program on a new PC that already had another. Then he asked the Antivirus & Security Software forum if that was a good idea.

Running two antivirus programs simultaneously is a bit like mixing a fine, vintage Cabernet with breakfast cereal. Each is good on its own right, but the combination may have unpleasant effects.

Before I explain why, let's get some definitions out of the way. The term antivirus has come to mean a program that launches when you boot your PC and stays running in memory, protecting you in real time not just from viruses (which are, technically speaking, passé), but Trojans, rootkits, and all other forms of malware.

 [Email your tech questions to answer@pcworld.com or post them on the PCW Answer Line forum.]

To read this article in full or to leave a comment, please click here

Update your browser. Ditch Java. Don't click weird links from even weirder people. Ho-hum. The basic tenets of PC security are burned into the brains of most Web surfers by now. The old malware tricks just don't work as well anymore.

Surprise! Bad guys are getting creative. (Never underestimate the oh-so-powerful combination of greed, boredom, and cleverness.) Rather than targeting Internet Explorer, now they're gunning for your virtual machine, your video games, and your Web-connected thermostat.

"The more digital our lives become, the greater the number of potential nontraditional entry points for cybercriminals attempting to steal data and wreak havoc," says McAfee Labs security strategist Toralv Dirro, who referred us to some of the wild exploits highlighted here. Grab your tinfoil hat, and let's take a walk down wacky-hack lane.

A faulty antivirus update issued by Kaspersky Lab on Monday left many of its home and business customers unable to access any websites on their computers.

Systems administrators using Kaspersky Endpoint Security (KES) on their corporate networks started reporting the problem on Kaspersky's support forum on Monday afternoon, Eastern Time. The reports kept piling up until late in the evening.

"I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites," one user named bradb21 reported.

Other users confirmed the problem and attempted to troubleshoot it themselves. Some reported success after disabling the Web protection component or turning off the product's monitoring for port 80, 443 and other Web proxy ports.

To read this article in full or to leave a comment, please click here

Bitdefender Internet Security 2013 ($70 for one year and three PCs, as of 12/19/12) may just be everything that you’d want in a security suite. This program, which earned the highest rating in both our real-world attack test and our system cleanup test, has a user-friendly interface that will appeal to both regular and advanced users. It also comes with several extra services, such as antitheft protection for various mobile devices.

In our real-world attack test (which indicates how well a suite will be able to block new malware attacks as it encounters them), Bitdefender completely blocked 100 percent of attacks. (Four other tested security suites also put up perfect scores in this test: F-Secure, G Data, Norton, and Trend Micro.) Bitdefender was also able to detect 98.8 percent of known malware samples in our malware-zoo detection test. That’s not a bad detection rate, but five of the nine security suites in this year’s roundup had detection rates of 99.0 percent or higher.

Bitdefender managed to detect and disable 100 percent of the infections in our system cleanup test, and it successfully cleaned up all traces of infections 90 percent of the time. This result is the best full-cleanup rate of any of the suites we tested—only F-Secure Internet Security 2013 had a similar cleanup rate (90 percent). Bitdefender flagged just one file (out of over 250,000) as malicious, which gives it a very low false-positive percentage compared with its competition.

The program adds just a little extra weight to your system—in other words, its slowdowns are tolerable. It added 3.5 seconds to startup time (compared to a PC with no antivirus program installed), which puts it in the lower half of the suites we tested. It also added a second or so to shutdown time. Bitdefender has the longest on-demand scanning time (2 minutes, 1 second) of the programs we tested, and the fourth-longest on-access scanning time (5 minutes, 41 seconds).

To read this article in full or to leave a comment, please click here

AVG has given its Internet Security suite a makeover for the new year. AVG Internet Security 2013 ($55 for one year, as of 12/17/12) now has a pretty, Windows 8-style tiled interface, complete with large, colorful buttons that are optimized for a touchscreen. That said, it seems as if AVG has put most of its effort into improving its program’s looks, as the suite managed a respectable, but below-average, showing in our tests.

In our real-world attack test, AVG completely blocked 94.4 percent of attacks and partially blocked 5.6 percent of attacks. This indicates how well the program will block new malware attacks when it encounters them in the wild, and this is a good score, actually. However, since five of the nine security suites we tested completely blocked 100 percent of attacks, this score still puts AVG in the bottom half of the list.

AVG’s ability to detect 97.8 percent of known malware samples seems respectable at first glance, but it’s actually the worst detection rate of all the suites we tested. All of the other security suites were able to detect at least 98.8 percent of malware samples, while the top contender in this category, Trend Micro Titanium Internet Security 2013, was able to detect 100 percent of samples. AVG also flagged five safe files (out of a pool of over 250,000) as being dangerous; while this isn’t a bad false-positive rate, almost all of our other tested
suites posted lower rates.

In our system cleanup test, AVG detected 100 percent of infections, but only disabled 90 percent, and only managed to completely clean up 60 percent. This isn’t a great rate—F-Secure Internet Security 2013 managed to completely clean up 90 percent of malicious files—but it’s also not the worst of the suites we tested.

To read this article in full or to leave a comment, please click here

G Data InternetSecurity 2013 ($35 for one year, as of 12/19/12) is a comprehensive security suite with an excellent protection record: It blocked, detected, and disabled all of the malicious files we threw at it, and cleaned up 80 percent of infections in our system cleanup test. However, it’s not the most user-friendly suite, with a tedious installation process and an advanced-users-only settings panel. As a result, it ended up toward the bottom of our rankings.

In our real-world attack test, G Data completely blocked 100 percent of attacks. This indicates how well the product will successfully block brand new malware attacks when it encounters them in the wild. Of the nine security suites we tested, five completely blocked all attacks: G Data, F-Secure, Bitdefender, Norton, and Trend Micro.

G Data also has an excellent malware detection rate. In our malware-zoo detection test, the program detected 99.7 percent of known malware samples. This detection rate puts G Data in fourth place for malware detection. G Data did have a higher false positive percentage than other security suites—it flagged three safe files (out of over 250,000) as malicious. Although this is a very low false positive rate, seven of the suites we tested flagged fewer than two safe files as malicious.

In our system cleanup test, G Data detected and disabled 100 percent of infections. It also managed to completely clean up 80 percent of infections, which puts it in third place (alongside Kaspersky and Trend Micro). This test shows how well a product can find, disable, and remove every last trace of an infection, so you can rest assured that G Data will do a respectable job.

To read this article in full or to leave a comment, please click here

McAfee Internet Security 2013 ($40 for one year of protection on up to 3
computers, as of 12/19/12) didn’t manage top marks in our security suite tests,
but it’s still a fairly proficient antimalware program that will keep you relatively
well-protected. This security suite, which boasts a simple user interface and
a super quick installation process, scans your system quickly and efficiently.
However, McAfee’s uninspired design and average performance makes it a less
attractive choice compared to its competition.

In our real-world attack test, McAfee was able to completely block 94.4 percent
of attacks. Unfortunately, this means that it did let through 5.6 percent of
attacks, allowing our test system to get infected. This test indicates how well a
product will be able to block brand new malware attacks as it encounters them
in the wild—and of the nine security suites we tested, only two let such a large
percentage through.

That said, McAfee was competent at cleaning up malware infections once they
were already on the system. In our system cleanup test, the program detected
and disabled 100 percent of infections, and fully cleaned up 70 percent of
infections. Five of the nine security suites we tested performed better than
McAfee in this test, completely cleaning up at least 80 percent of infections.

McAfee had an excellent false positive percentage: It didn't flag a single safe file
(out of over 250,000 files) as malicious. It also did a very good job at detecting
known baddies: in our malware “zoo” detection test, it managed to detect 99.9
percent of known malware samples.

To read this article in full or to leave a comment, please click here

Avira Internet Security 2013 ($60 for a one-year, one-PC license; 30-day free trial) is an acceptable antivirus program—if you happen to be an expert in security jargon and working your way through a somewhat unfriendly user interface. This particular security suite passed our tests (though, not with flying colors) and even managed to come out on top a couple of times, but it’s not for the average user.

In our real-world attack test, Avira managed to completely block 94.4 percent
of attacks, and partially block 5.6 percent of attacks. This indicates how well
the product will block new malware threats when it encounters them in the wild.
While this result is solid, it’s not good enough compared to the top competitors:
Five out of the 10 security suites we tested managed to completely block all
attacks.

In our malware-zoo detection test, which determines how well a product can
detect f known malware, Avira detected 98.8 percent of samples. Although
respectable, this percentage still puts Avira in the bottom half of the suites we
tested—six suites managed 99 percent or higher detection.

Avira was able to detect and disable 100 percent of malware infections in our
system cleanup test, but was only able to purge them completely about 50
percent of the time: That’s the worst cleanup rate of the suites we tested. Avira
did perform impressively well in our false positives test; it didn't flag a single safe
file as malicious.

To read this article in full or to leave a comment, please click here

Kaspersky Internet Security 2013 ($60 for one year and three PCs, as of 12/19/12) is a solid antimalware suite that provides admirable protection and an excellent settings interface. This program looks a little different from the other suites we tested, mainly because of its teal-and-white colors, in contrast to the green-is-good/red-is-bad user interface that most other security packages use. But once you get past the fact that teal is sort of the same as green (trust us, this takes a moment), it’s a good program that will keep you safe from most incoming attacks.

In our real-world attack test, Kaspersky completely blocked 94.4 percent of attacks. Unfortunately, the 5.6 percent of attacks that it failed to block completely were not blocked at all—in other words, our test system got infected 5.6 percent of the time. The real-world attack test demonstrates how well a suite will be able to block brand-new malware attacks as it encounters them in the wild, so this is not a great sign.

Kaspersky’s suite was able to detect 98.1 percent of known malware samples in our malware-zoo detection test. This detection rate is fairly good, but seven of the nine suites we tested had higher rates (98.8 percent or more). Kaspersky did have an excellent false-positive rate, as it didn’t flag any safe files as malicious; that puts Kaspersky in the top four of the suites we tested for that measure.

In our system cleanup test, the Kaspersky software did an excellent job of detecting, disabling, and fully cleaning up infections. It detected and disabled all infections on our test PC, and fully cleaned up all traces of malware 80 percent of the time. Of the suites we tested, only two packages (Bitdefender and F-Secure) cleaned up more infections (90 percent), while three suites, including Kaspersky’s, cleaned up 80 percent.

To read this article in full or to leave a comment, please click here

Webroot SecureAnywhere Internet Security Plus 2013 ($30 for one year, for up to three PCs, as of 12/19/12) is a super speedy security suite and it'll keep your system relatively safe, but suffers from a cluttered interface and too many advanced settings.

In our real-world attack tests, Webroot completely blocked 96.2 percent of attacks. That's a good result, but it's not top-notch. Unfortunately, it let the 3.9 percent of unblocked attacks go completely unblocked (not just partially blocked), which meant that the system got infected 3.9 percent of the time.

Webroot has a decent malware detection rate: It detected 99.9 percent of samples in our malware “zoo” detection test, which exposes an antivirus program to thousands of malware samples discovered within the past four months. In our false positive test, Webroot flagged 14 known safe files as malicious. While this isn’t a bad false positive percentage (the test is out of over 250,000 files), some suites we've looked at recently had a perfect false positive rate.

In our system cleanup test, Webroot managed to detect 93.9 percent of infections and disable 81.8 percent of them. It managed to clean up all traces of infection 48.5 percent of the time—a lower-than-average result compared to other suites we've looked at recently. Avira Internet Security 2013 cleaned up 50 percent of infections, AVG cleaned up 60 percent, and the other suites cleaned up 70 percent or more.

To read this article in full or to leave a comment, please click here

Folder Lock 7 ($40, five-day free trial) is a one-stop-shop for file encryption and data security. It’s impressive and affordably priced, and it fulfills basically every security need you can think of—making it a must-download if you need to secure your files.

Version 7 of Folder Lock added an optional online component so you can sync your data lockers to developer NewSoftwares' own storage service. The service cost $5 per month for every 10GB—not the cheapest but relatively competitive. The 10GB should be more than enough for only your secure data. Other handy features are login attempt tracking, and creating both normal and self-extracting password protected zip files.

The program couldn't be any easier to use, though the first time you lock and hide a folder it can be a bit odd to go to a drive and see it locked, or to find a folder missing. Folder Lock keeps two services running, but doesn't appear to impact performance. The program is completely password driven, so there are no certificates to lose as with Windows Bitlocker. There's a master password for the program, which you need to administrate it, including when you remove it.

To read this article in full or to leave a comment, please click here

Your privacy, safety, and anonymity on the Internet are increasingly under threat. Governments want more power to monitor people's Web usage, and businesses want to keep records of every website you visit and every item you purchase online. And let's not forget the shady-looking individual sitting in the corner of the coffee shop, monitoring your wireless signal in an attempt to steal your online banking details and passwords.

Like all free plans, a ProXPN Basic account comes with significant restrictions. Before I get into that, though, I want to point out that this is perhaps one of the easiest VPNs (if not the easiest) I have ever encountered when it comes to setup. You simply install the application, create your account, and log in. That's it—no awkward fiddling around in configuration panels, no indispensable-yet-indecipherable user manual. The tool is an absolute pleasure to use. Previously I reviewed TunnelBear, and at the time I thought that utility was the simplest to set up, but ProXPN is a new contender.

The problem with the ProXPN free service lies in those restrictions. If you go for the freebie, your speed is throttled to 300 kilobits per second, and you are restricted to only one geographical location (Miami). You also miss out on some really great paid-only features, such as iOS and Android access, port selection, and geographical location alternatives such as Amsterdam, London, and Singapore. One particularly neat feature of the paid account is VPN Guard, which allows you to specify which applications on your computer should immediately shut down if you lose the ProXPN connection. For instance, if you're downloading torrents, you can have ProXPN shut down your torrent client when the ProXPN VPN signal disappears along with your anonymity.

To read this article in full or to leave a comment, please click here

A fool and his feeble p@$$w0rd are soon rooted, but if 2012 has proven anything, it's that even the most cautious security-minded souls need to double down on their protective practices, and think about the best ways to mitigate damage if the worst happens in our increasingly cloud-connected world.

A solid security toolbox should form the heart of your defense, of course, but you'll also need to consider your basic behavior. For example, a leaked LinkedIn password does little harm if that particular alphanumeric combination only opens the door to that particular account, rather than every social media account you use. Two-factor authentication can stop a breach before it happens. And do your passwords suck?

I'm not trying to scare you. Rather, I'm interested in opening your eyes to the types of precautions that are necessary in the digital age—as evidenced by the biggest security exploits, blunders, and fails of 2012. 'Twas a banner year for the bad guys.

Honan hack attack

The highest profile hack of 2012 didn't involve millions of users or an avalanche of pilfered payment information. No, the security highlight—or is that lowlight?—of 2012 was the epic hacking of a single man: Wired writer Mat Honan.

To read this article in full or to leave a comment, please click here

Antivirus software is now so ineffective at detecting new malware threats most enterprises are probably wasting their money buying it, an analysis by security firm Imperva has concluded.

Reports questioning the protection offered by antivirus suites has become a staple theme among researchers in recent times and the study Assessing the Effectiveness of Anti-Virus Solutions, carried out for Imperva by the University of Tel Aviv, is another addition to that sobering collection.

The team ran a collection of 82 new malware files through the VirusTotal system that checks files against around 40 different antivirus products, finding that the initial detection rate was a startling zero.

The company then ran the same scan a number of times at intervals of a week apart to see whether detection improved over time, discovering that even the best-performing products took at least three weeks to add a previously undetected sample to their databases.

To read this article in full or to leave a comment, please click here

Anvisoft, a Chinese antivirus startup, has been linked to an infamous hacker suspected of developing sophisticated malware used to siphon sensitive information from Defense Department contractors in 2006.

Through some high-tech sleuthing on the Web, Brian Krebs, author of the KrebsonSecurity blog, found Anvisoft-connected IP addresses connected Anvisoft to registered to "tandailin" in Gaoxingu, China.

Tan Dailin, a.k.a. Withered Rose, was the s ubject of Verisign's 2007 iDefense report, which described Dailin as the 20-year-old leader of a state-sponsored hacking team called NCPH, which stood for Network Crack Program Hacker.

In 2006, the group was linked to multiple zero-day attacks against Microsoft Office vulnerabilities. Some of the attacks were aimed at defense contractors, Krebs reported.

To read this article in full or to leave a comment, please click here

Security researcher Tavis Ormandy discovered critical vulnerabilities in the antivirus product developed by U.K.-based security firm Sophos and advised organizations to avoid using the product on critical systems unless the vendor improves its product development, quality assurance and security response practices.

Ormandy, who works as an information security engineer at Google, disclosed details about the vulnerabilities he found in a research paper entitled “Sophail: Applied attacks against Sophos Antivirus” that was published on Monday. Ormandy noted that the research was performed in his spare time and that the views expressed in the paper are his own and not those of his employer.

The paper contains details about several vulnerabilities in the Sophos antivirus code responsible for parsing Visual Basic 6, PDF, CAB and RAR files. Some of these flaws can be attacked remotely and can result in the execution of arbitrary code on the system.

Ormandy even included a proof-of-concept exploit for the PDF parsing vulnerability which he claims requires no user interaction, no authentication and can be easily transformed into a self-spreading worm.

To read this article in full or to leave a comment, please click here

Webroot SecureAnywhere 2013 is here. The new security suite from Webroot includes a variety of updates in the areas of performance, and the overall user experience. But, the most notable feature of SecureAnywhere 2013 is that it now also protects Mac OS X.

Let’s start with a look at SecureAnywhere in general. While the overall goal of the software is the same as competing antimalware and security suites, and it seems logical to compare them, SecureAnywhere is a whole new approach. Webroot completely threw out its flagship products, and started over by building SecureAnywhere around a more proactive philosophy based off the acquisition of Prevx.

The result is protection for your PCs and mobile devices that delivers blazing performance, and has virtually no impact on system resources compared with the traditional approach of rival products. The entire install occupies a mere 750KB—with a “K”—on your hard drive. It installs in seconds, and according to metrics from Webroot, the software uses 91 percent less memory than competitors, and completes full system scans in about a minute—116 times faster than average antimalware scans.

SecureAnywhere is a comprehensive security suite that includes a built-in firewall (only in Webroot SecureAnywhere Complete 2013), identity and privacy protection, social network protection, and seven specialized security shields—three of which are new to SecureAnywhere 2013. The USB Shield blocks attacks and malware from removable drives, the Offline Shield protects the system against persistent threats even when it’s not connected to the Internet, and the Zero Day Shield identifies new or changing threats to defend against emerging attacks.

To read this article in full or to leave a comment, please click here

The chaos caused to Sophos customers by a bad antivirus software update just keeps reverberating into its second week, with Sophos today providing more information on fixing the problem for both enterprise users and those with stand-alone computers.

The bad A/V update causes false positives for certain malware to occur on Windows-based computers, and Sophos indicated today it has not yet completed its investigation into how this incident occurred, though it has been issuing instructions online and by phone to users on how to "clean up" the situation. Sophos CEO Kris Hagerman also issued an abject apologyto Sophos customers and business partners, admitting the backup of customer inquiries has been overwhelming.

"While Technical Support volumes have started to significantly subside and hold queues have started to drop, I understand that our hold queues still remain larger than normal, and in some instances, callers have been unable to connect with us," said Hagerman in an apology issued Friday. "We are doing everything possible to address the queue as fast as we can; I assure you that our Sophos team members are eager to speak with you to get your case resolved swiftly."

Hagerman added that Sophos is "working on additional tools, videos, and resources to more effectively communicate the recommended steps for effective, efficient remediation. Many affected customers have reported that they have been able to fully recover from this situation based on the information provided."

To read this article in full or to leave a comment, please click here

Over half of Android devices are vulnerable to known security flaws that can be exploited by malicious applications to gain complete access to the operating system and the data stored on it, according to a report from mobile security firm Duo Security.

This conclusion is based on scans performed during the last couple of months with X-Ray, a free Android vulnerability assessment tool developed by Duo Security. X-Ray scans devices for known privilege escalation vulnerabilities that exist in various versions of the mobile operating system.

"Since we launched X-Ray, we've already collected results from over 20,000 Android devices worldwide," security researcher Jon Oberheide, who is co-founder and CTO of Duo Security, said Wednesday in a blog post.

Privilege vulnerabilities can be exploited willingly by users in order to gain administrator (root) access on their devices and, for example, replace the firmware provided by the manufacturer with a custom-built one.

To read this article in full or to leave a comment, please click here

Brand-new laptop and desktop computers sold in China contain preinstalled malicious software, which has infected millions of computers around the world, according to an investigation by Microsoft revealed on Thursday.

The malware, embedded in counterfeit versions of Microsoft's Windows OS, is engineered to spy on users and conduct denial-of-service attacks, Microsoft said. It warned that the findings pose fresh questions over the integrity of computer-part supply chains.

Cybercriminals "are out to get you," said Richard Domingues Boscovich, assistant general counsel for Microsoft's Digital Crimes Unit. "They will do whatever it takes. If the supply chain is how they're going on get on [computers], that's what they're going to do."

Microsoft's investigation, dubbed "Operation b70," culminated with the shutdown of the command-and-control system connected to computers infected with "Nitol," a piece of malicious software called a rootkit preinstalled on some of the examined computers. Nitol quickly spreads via removable drives.

To read this article in full or to leave a comment, please click here

If you're using your flash drive as a vehicle for simple file transfers, you’re missing out on one of the single-best roles one of these wee data buckets can fulfill. Indeed, hardcore enthusiasts know that simple flash drives are perfect portable repositories for all the software that can breathe life into an otherwise ailing PC.

All the web apps in the world won’t help you when your PC breaks down or falls prey to a particularly nasty piece of malware and refuses connect to the Internet. A properly loaded USB drive, on the other hand, can be a machine saver. And when your grandma calls with a dire PC emergency, you'll be glad to have an always-ready "ninja drive" to slip into your pocket as you run out the door.

In this article we’ll show you how to load out a USB drive with everything you need in case of a PC emergency. So next time your computer breaks down, don’t panic. Instead, take a deep breath, plug in your ninja drive, and start making things right.

PortableApps

The first thing you’ll want to install on your drive is PortableApps—a free, open source platform for installing desktop applications on removable media, like a USB drive. PortableApps manages the installation of new portable software on your USB drive, and also acts as a frontend when you’re actually using the USB drive, letting you easily browse and launch applications.

To read this article in full or to leave a comment, please click here

Microsoft has released a confusing selection of security programs over the years. Deborah Armstrong asked me to make sense of them.

[Email your tech questions to answer@pcworld.com or post them on the PCW Answer Line forum.]

When it comes to security, the folks in Redmond can go overboard with new products--or worse, new names for old products. What follows is a complete list of Microsoft programs, past and present, intended to help keep malware off your computer.

At least, I think it's complete. If I missed anything, that's what the comment section is for.

To read this article in full or to leave a comment, please click here

Mobile malware is getting lots of attention these days, but you can’t forget about your PC’s security—after all, you probably still use it to pay bills, shop online, and store sensitive documents. You should fully protect yourself to lessen the chance of cybercriminals infiltrating your computer and your online accounts, capturing your personal information, invading your privacy, and stealing your money and identity.

You need to guard against viruses, of course, but not all antivirus programs catch all threats, and some do better than others. You have to watch for many other types of threats, too: Malware invasions, hacking attacks, and cases of identify theft can originate from email, search engine results, websites, and social networks such as Facebook. They can also come in the form of links or advertisements for phishing and scam sites. But with some education on the topic, and the right tools, you can identify such scams and avoid falling victim.

If your children use your computer, you must also protect against inappropriate content such as violent games and adult sites, and you should monitor communication on social networks. Although the best approach is to keep a close eye on your kids while they use the computer, you can employ tools and services to filter content and monitor their Web usage when you’re not around.

Protecting your data from computer thieves and from people who tap in to your Wi-Fi signal is also important. Encrypting your computer is the only way to ensure that a thief cannot recover your files, passwords, and other data. And unless you password-protect and encrypt your wireless network, anyone nearby can connect to it, monitor your Internet usage, and possibly access your computers and files.

To read this article in full or to leave a comment, please click here

Your Windows logon password--the one you type every time you boot--does not protect your files in any meaningful way. (There's an exception, which I'll discuss below.)

Why is that important? Because you do things on your computer that only you should be allowed to do, such as read and write your email. Unless you've set up your mail client to require a password every time you boot, anyone who can log onto your computer as you has full access to your mail.

To read this article in full or to leave a comment, please click here

Malware, once it has infected your PC, has a way of protecting itself. It may not want you to install a new antivirus program--or update your current one. So you need to scan your hard drive in a way that gets around the malware. The simplest way to do that is to do the scan outside of Windows.

Luckily, there are several bootable malware scanners. You put one of these on a CD or a flash drive, boot from that, and scan your hard drive. If they find something, they'll remove it.

I'm recommending Kaspersky Rescue Disk and the F-Secure Rescue CD, because they're both easy to use and come from companies that have done well in testing. If you're really worried, use one, then the other.

To read this article in full or to leave a comment, please click here

Robert Conner asked me to define the various words for different types of programs.

Tech proliferates words like flies proliferate eggs. And they can be just as hard to track.

Here's a quick refresher on common terms for the larger program categories:

To read this article in full or to leave a comment, please click here

I see no point in scanning every external drive every time you insert it. That becomes very annoying very fast. Yes, some antivirus programs do this automatically, but if yours does, I strongly recommend you turn the feature off.

Which isn't to say that you should never scan an external drive. Of course you should--when you think it's appropriate.

If someone gave you the drive, or if it has some new software on it, scan it immediately the first time you plug it in. And, of course, you should scan a drive if you have reason to suspect that it was on an infected computer.

To read this article in full or to leave a comment, please click here

Businesses and government-related organizations that are serious about their network security hire ethical hackers and penetration testers to help probe and improve their networks, applications, and other computer systems with the ultimate goal of preventing data theft and fraud. You may not get the same adrenaline rush that you might with underground hacking, but you can earn a good and honest living--and not end up facing prison time, as some illegal "black hat" hackers do.

How does the job market look like for ethical hackers? Extremely good! The IT market overall continues to grow despite the current economic turmoil. Research firm Gartner estimates that worldwide enterprise IT spending grew by 5.9 percent between 2009 and 2010, to a total of $2.7 trillion. At the same time, security is becoming a more pressing concern. Gartner expects to see an increase of nearly 40 percent in spending on worldwide security services during the five-year period from 2011 to 2015, eventually surpassing $49.1 billion.

In your first years as an ethical hacker, you'll be in a position to earn anywhere from $50,000 to $100,000 per year, depending on the company that hires you, and on your IT experience and education. With several years of professional experience, you could command $120,000 or more per year, especially if you do your own independent consulting.

To read this article in full or to leave a comment, please click here

Today, spam blockers do a good job of nabbing most spam, but link builders still employ underhanded tricks to get their comments onto your blog, usually hiring people to do the deed since bots are usually stopped by the spam blockers. Many business owners and employees are unfamiliar with comment spam; they happily approve spam all the time, and who can blame them? They just don’t know. Here are a few ways to tell if that comment is spam or from a real person, and eight tips for reducing it on your website.

1. Spam Can Outnumber Legit Comments

First, keep in mind that many of the comments on your blog are going to be spam. Humans will get around your spam blocker and try to leave comments that include the website addresses they are promoting. If you approach editing comments with this in mind, you’ll catch a lot more spam. All comments should be considered guilty until proven innocent.

To read this article in full or to leave a comment, please click here