If this is your first time working on a lesson…
1) Please read our FreeFor Ops page. It will explain the site purpose and navigation, Lesson Outlines and the overarching concept of FreeFor IO.
2) It will direct you to also read the START HERE page, Tenets page and the first lessons. There are a few lessons ahead of this one.
Welcome to Secure PC (L1.4, Lesson ID 0018). This quick lesson will arm you with some (free) Windows programs to help keep your PC secure.
- Your behavior and discipline
- Firewalls (in addition to your router)
- Anti-Malware / Anti-Spyware
- Privacy Cleaners / Secure Delete
- Disk and File Encryption (to be covered in a separate lesson)
- Regularly: Scanning, updating virus / malware databases, updating versions
Why is this important? Your PC is where it all begins. It is an end point that needs to be secured. The industry term for this is End Point Security. It is easier to exploit your behaviors and PC than it is to crack encryption or Tor. It is imperative that you keep your PC as secure as possible before we begin the lesson on securing your browser.
Here’s Bruce Schneier commenting on it…(emphasis ours)
TAO (NSA’s Tailored Access Operations) also hacks into computers to recover long-term keys. So if you’re running a VPN that uses a complex shared secret to protect your data and the NSA decides it cares, it might try to steal that secret. This kind of thing is only done against high-value targets.
How do you communicate securely against such an adversary? Snowden said it in an online Q&A soon after he made his first document public: “Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on.”
I believe this is true, despite today’s revelations and tantalizing hints of “groundbreaking cryptanalytic capabilities” made by James Clapper, the director of national intelligence in another top-secret document. Those capabilities involve deliberately weakening the cryptography.
Snowden’s follow-on sentence is equally important: “Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”
Endpoint means the software you’re using, the computer you’re using it on, and the local network you’re using it in. If the NSA can modify the encryption algorithm or drop a Trojan on your computer, all the cryptography in the world doesn’t matter at all. If you want to remain secure against the NSA, you need to do your best to ensure that the encryption can operate unimpeded.
Please note that most these are for Windows users. At this time we don’t have access to a Mac for testing, and we’re assuming that if you are using Linux you already are aware of other Linux programs to secure your computing device. You will find that some products offer versions for Mac and/or Linux as well.
Special Note on Deleting Files:
Note that a number of these tools offer secure file deletion, and the Eraser program is dedicated to this. You should seriously consider secure file deletes for everything except the most innocent files.
Using your Windows system to delete a file doesn’t really delete it. It only removes a pointer to where the file was. The file will eventually get overwritten, but even so, the disk will retain some signatures and parts of the file that may allow it to be recovered. You need to use a secure delete that specifically overwrites the file location, with several (3-35 passes), and can even write garbage over it.
Please go ahead and download these programs and get familiar with them. You should be running CCleaner and BleachBit prior to every computer shutdown, and preferably after every browsing session. You should also run an Anti-virus and Anti-malware/spyware scan daily. Some of these programs have duplicate functions, but we often find that programs will scan for different items and it makes sense to run multiple passes with different tools.
The products below are generally regarded by many sources to be some of the best free options in their classes. Below each tool you’ll find a marketing blurb we lifted from their website or a review.
- Recent versions of Microsoft Windows include a built-in firewall, which is now turned on automatically. Unfortunately, the Windows firewall is limited in many ways, for example, it does not examine outgoing connections. However, there is an excellent freeware program called Comodo Personal Firewall, which does a better job of keeping your computer secure. They also offer free anti-virus and anti-malware products.
- There is an excellent freeware anti-virus program for Windows called Avast, which is easy to use, regularly updated and well-respected by anti-virus experts. It requires that you register once every 14 months, but registration, updates and the program itself are all free-of-charge. It has fantastic detection rates and some of the best features to play around with. It includes real-time web, P2P, email, instant messaging, network, boot time and behavioral protection. It is also fairly light on resources.
Anti-malware / Anti-spyware software
- Malwarebytes Anti-Malware Free’s industry-leading scanner detects and removes malware like worms, Trojans, rootkits, rogues, spyware, and more. All you have to do is launch Malwarebytes Anti-Malware Free and run a scan.
- (ffio note – We’ve used MalwareBytes to successfully remove some stubborn virus / malware that was not removed with other programs)
Spybot Search & Destroy
- If all you require is to be able to scan and remove malware and rootkits from your system. Or if you want to protect your PC by immunizing your browser and hosts file, the ‘Free Edition’ is the choice for you. If you are a more experienced user you can also check various ‘autostart’ locations using the ‘Startup Tools’. Spybot 2 can scan single files or specific folders and unlike other software it doesn’t matter if the file is located on your local drives or on a network share. Spybot 2 comes with its own whitelist which helps to identify if files are legitimate or not. This useful addition helps to speed up the scan.
IOBit Advanced System Care
- Protect, repair and optimize your computer with Advanced SystemCare Free. Advanced SystemCare Free makes your computer faster and safer with just a single click. It removes spy- and adware, prevents security threads, deletes temporary files and fixes registry errors. Easy, quick and effective.
- (ffio note – IOBit’s ASC has a huge amount of functionality. Explore the Tool Box)
Privacy Cleaners / Secure Delete
- CCleaner is our system optimization system optimization, privacy and cleaning tool. It removes unused files from your system – allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner.
- “Since I started working with Snowden’s documents, I have been using […] BleachBit” — Bruce Schneier
- BleachBit quickly frees disk space and tirelessly guards your privacy. Free cache, delete cookies, clear Internet history, shred temporary files, delete logs, and discard junk you didn’t know was there. Designed for Linux and Windows systems, it wipes clean a thousand applications including Firefox, Internet Explorer, Adobe Flash, Google Chrome, Opera, Safari, and more. Beyond simply deleting files, BleachBit includes advanced features such as shredding files to prevent recovery, wiping free disk space to hide traces of files deleted by other applications, and vacuuming Firefox to make it faster. Better than free, BleachBit is open source.
- Eraser is a popular, free and secure file deletion software for windows. It is designed to delete files permanently from your disk and allows you to totally eradicate all the sensitive data from your hard drive by overwriting it multiple times. This software will also prevent any attempt of retrieval with the use of disk maintenance and undelete utility. Eraser also comes with a flexible and customizable scheduler to ensure that your system memory is overwritten from time to time to avoid data theft.
This is LESSON ID=>0018