12 Tips for Protecting Your Computer from Snoopers

In the DC area especially, there are people who have reason to be concerned about computer espionage, either for work (national or corporate secrets) or personal reasons (divorce or blackmail). Here are 12 tips to guard against intruders snooping on your activities:

  1. Use decent passwords. The easiest way for someone to access your email and other information is if they know or can easily guess your passwords. It is estimated that 1 out of every 9 people use a password on the top 500 worst password list. Most passwords are “cracked” not through problems with the encryption itself, but with the password being poor. Don’t use dictionary words, the names of loved ones, the names of your pets, your birthday, etc.  Longer passwords are better so government institutions often require at least 10-14 characters. Passwords should be random and use letters, numbers, and special characters.
  2. Use different passwords for different things. If someone sees your computer login password over your shoulder, you don’t want them to then have access to your bank account because it has the same password.
  3. Change passwords regularly. Government and corporate security protocols typically require that passwords be changed at least every 3 months.
  4. KeePassUse a password manager. Seeing a theme here about the importance of passwords? If you have different random passwords and change them regularly, then you either have a memory like Rain Man or you keep track of the passwords somewhere. The most popular software tools to manage passwords are LastPass (Free or Premium for PC, Mac, and others), KeePass (Free for PC, Mac, and others) and 1Password ($39.95 for Mac). Password software allows you to keep all your passwords encrypted with one master password. It can autofill site information so that you only have to remember that one master password. It also has a Password Generator to create random strong passwords, a great idea. Without this, most people use passwords that are similar. To the extent that your passwords are similar, an investigator can more easily guess your other passwords. (Tip: use Dropbox to backup/sync KeePass or 1Password encrypted files. LastPass syncs automatically between computers).
  5. Do not use personal information that can be guessed as the answers to your online secret questions. This is how Sarah Palin’s Yahoo email was “hacked” in September 2008 simply by someone guessing the answers to her challenge questions such as where she went to high school.
  6. Tie your Yahoo or other login site to another email account or cell phone number. This will let you know of any attempted password resets and help if tip 5 doesn’t work.
  7. Encrypt files. As we explained in our post Encryption on USB Flash Drive, TrueCrypt can be used to encrypt your important data. Remember that although TrueCrypt can not be cracked, someone could guess your password if you chose it poorly.
  8. Remember that your router is a computer too. Your router manages all the data between your computer and the Internet. If your router software is compromised, you could be sent to a site claiming to be your bank but really being a completely different site due to website misdirection from a bogus DNS system used by your router. The router software should be checked, firmware reloaded, and the password on the router should be changed. Most people unknowingly leave the router login defaults. That is safe enough if your local network is not breached, your WiFi isn’t hacked, and your router is not remotely accessible.
  9. Use strong WPA2 WiFi encryption. WPA2 is not easily cracked like WEP. Tools such as BackTrack and KisMAC can crack WEP in minutes. (See photo of “war driver” below hacking into a WiFi network.)War Driver Hacking into WiFi
  10. Turn down your WiFi antenna strength. Hackers can crack into a WiFi access from over a block away with directional antennas and a good line-of-site to their target. If you don’t need the extra signal strength, turn it down since a weak signal is harder to crack. This isn’t an option on all routers. If you want to take extra control of your router for this and other options, see if you can load the alternative DD-WRT firmware.
  11. Check for keyloggers. Keyloggers will log everything you type. They can be in the form of software or physical devices that are attached to a USB port or between the keyboard and computer.Keylogger
  12. Wipe computer and start fresh. If someone has had physical access to your computer or if the computer is already compromised, all bets are off. Some experts and government institutions will simply decommission a compromised computer and trash it. But most people should be satisfied with wiping everything. The hard drive can be wiped and the operating system reinstalled. The BIOS (seen from the very initial startup) can be reflashed and checked. The computer can be opened and physically checked for modifications.

Let me know if you have other suggestions for keeping your computer information safe from surveillance.


Thunderbird Add-ons

ThunderbirdYou might have heard about add-ons for the popular web browser Firefox that give it more capabilities. Well, the folks at Mozilla also make a great email client called Thunderbird (PC, Mac, Linux) that has add-ons too.

I found this out when I needed to send someone hundreds of emails. The Add-on ImportExportTools (which oddly is not part of Thurderbird’s list of Add-ons) was able to take all the emails I wanted and move them into an HTML indexed folder for easy browsing. This powerful add-on also helps in a myriad of cases when migrating or merging email archives, and it performs some import/export feats that are impossible with other email clients such as Outlook and Mac Mail.

ImportExportTools Thunderbird Add-on

Manage Your Podcasts in iTunes

If you use iTunes and need more control of your podcasts, click on the Settings… tab at the bottom of the iTunes Podcasts page. This gives you the ability to choose download and retention settings. You can set a default and per-podcast setting.

Set a default podcast setting that applies to most of your podcasts, by first choosing:

Podcast Defaults

The individual control of podcasts was added a year ago in iTunes 8 but most people didn’t notice the addition. Now you can, for example, automatically keep only the latest of your news programs while keeping all of your story podcasts.

Some podcasts are released in batches. For example, NPR’s Dianne Rehm’s Friday News Roundup podcasts are released two at a time on Friday.  Therefore I set it to Download all instead of the most recent one. If I only downloaded the most recent, I would miss one of the shows.

Podcast Settings

You might also want to Download all if you only sync occasionally and want the most recent files, instead of the most recent podcast and an older podcast from when you last synced.

I find that if you change a podcast to keep only the Last X number of episodes, this does not go into effect immediately, but it eventually goes into effect after a podcast is refreshed.

Buying a Home Theater Projector

Why you should buy a home theater projector

Screen size. For the ultimate large screen (100+ inch) theater experience, a front projector is the only solution under $80,000. There are large LCD, Plasma, and rear-projector televisions, but none over 100 inches that can practically be purchased or fit through your door.

Why you should not buy a projector

  • Lighting. Ambient light from windows and lamps immediately washes out a projector’s colors and dark details. To have a proper picture with correct colors and darks, you need to be able to completely control the light in that room, for example, by having heavy drapes on the windows. This creates a theater environment but can be impractical for casual viewing.
  • Installation. Projectors need to be mounted properly and focused so that there are no distortions. A screen also needs to be installed for best picture quality.
  • Maintenance. Projector bulbs need to be replaced every year or two, depending on usage and bulb life. Some projectors also need to be vacuumed for dust periodically.
  • Noise. Fan noise can be loud and irritating on some models.

Researching a projector

projectorreviews.com

  • ProjectorReviews.com by Art Feierman. Art has by far the most in-depth reviews of home theater projectors. People in forums anxiously await his reviews and refer to him when making arguments for projectors. Manufacturers sometimes send him test units prior to producing projectors. His daughter helps with the photographs and his friend Mike helps with calibrations.
  • AVS Forum’s Projector’s Under $3000 page. As with other home theater gear, AVS Forum has intelligent discussions of projectors by shoppers and owners of the equipment. They also have forums on projector screens and making your own DIY screens to save money.
  • Projector Central. Not as detailed as ProjectorReviews.com, but another resource for reviews.

Some things to consider

  • 1080P versus 720P resolution. Three years ago, 720P resolution was much cheaper than 1080P. But as with LCD TVs, projector manufacturers are putting all their effort into 1080P which can be purchased now for $1000.
  • Brightness. Ambient light in the room can be somewhat compensated for by a brighter projector.
  • Noise. If you are sitting close to the projector, you will want one that is relatively quiet, below 30db.
  • Bulb replacement. Look at replacement bulb costs as well as how many hours of life you can expect for a bulb.

My current favorite

A TV is a personal choice depending on your needs, room environment, and budget. My favorite at the moment is the Epson Home Cinema 8100 (see a review at ProjectorReviews.com) because it has:

  • Brightness while maintaining good colors. Many other projector’s brightest mode will create much poorer colors.
  • Shadow detail better than cheaper 1080P projectors.
  • Quietness. 27db or less. Cheaper 1080P projectors such as the Optima HD20 and Vivitek 1800 are significantly louder. Panasonic makes quieter projectors, but they are not as bright as this Epson.
  • Good warranty and long bulb life. Epson is easy to work with if you need a repair.

Epson 8100 Projector

Runner-up

I also recommend the Mitsubishi HC3800. It uses DLP technology instead of the Epson’s LCD, which leads to these trade-off’s: Pros: great colors, smaller body. Cons: louder fan, minor rainbow effect which some people notice and some don’t (caused by the DLP’s spinning color wheel).

Where to buy

As with other electronics, there are better deals if you shop online instead of going to Best Buy. I usually start at Amazon, but there are many online stores that will provide competitive pricing.