Why do people have security issues?

A large number of home users are infected with spyware or trojans, most home users talk of very slow computers. all of this is caused by bad security.

Some people don’t know how to be secure, some don’t care, other know what to do but see it as too hard.

the problem is that the bad guys (hackers) are interested and motivated in getting into your computer.
the users are not very motivated or interested in keeping them out.

about 80% of all email is spam, and most of it is sent from computers that have been hacked.
you want less spam?
then start to be more interested in security.

What can you do to be secure?

get an anti-virus program, you can even get a free program.
get a firewall, the windows built in firewall is a good start, a NAT router is also good.
get a spam filter, thunderbird can do spam filtering for you.

update your OS and programs, update , update , update…..
use auto-update if you can , browsers, mail programs, anti-virus, all must be updated.

Change your behavior

Don’t click on links in email, don’t do it, don’t even think about it.
Don’t open attachment in emails, unless you trust then sender then don’t open attachments.
Don’t browse to dodgy web sites, this means no searching for warez, porn, free ringtones.
Virus scan you computer every week.

Will this change the world?

This is just a start, think of it as bailing out a sinking boat with a tea spoon….
it will buy you time, others will notice what your doing and start to help.

the hackers will always have a new way to get in to your computer, the tips above will help.

As long as you keep your system patched, run a firewall and change you habits then you become a much harder target, you will be more secure than most home users.

links

free firewall
http://www.personalfirewall.comodo.com/
Or even zonealarm
Http://zonelabs.com

free mail program
http://www.mozilla-europe.org/en/products/thunderbird/

free anti-virus
http://www.avast.com/

Why do we want to securily remove data?

A good number of second hand computers still have data on them, credit card number, passwords and even medical records and e-mail.

if you are selling a computer or even giveing it away it pays to clean the drive of all your data first.

Technical information

The disks of a hard drive are divided into lots of little parts called sectors, each sector holding 512 bytes of data. So that the computer knows which sectors are being used to hold data, there is a reserved and protected part of the disk called the FAT (file allocation table).

When a file is written to the disk, the OS marks off in the FAT each sector used by the file. It also makes a note of the file name and the first sector of that file. When the file is read back, the OS looks up the first sector of the file and then reads-in the 512 bytes from the sector along with the address of the next sector for the file, and so on to the end of the file.

When you permanently delete a file (by emptying the recycle bin, allowing the bin to get full so that it overwrites the oldest files, or using a utility that bypasses the recycle bin) the OS does not delete data from every sector because this takes time. Instead it simply marks as free in the FAT every sector used by that file, and then removes the file name from the directory listing. It also makes the file name invisible to normal disk search methods, usually by replacing the first letter. This means that the space is now free to be used by other files, but the actual data is still present on the drive and can be recovered using undelete utilities provided it has not been overwritten by newer files.

Formatting the drive will empty the FAT and directory listing but again, it will not remove the data, and at this point your data can be recovered by reading directly from the sectors and putting the files back together like a puzzle.

How to stop people getting the data back

This depends on how much you care and how much cash you have.

The first and easiest way is just to reformat the drive. This will be OK if you just want to keep the drive and reuse it for other data. Your original data could still be recovered if a person wanted to, but it will get rid of data that you don’t want, clearing the disk for you to reuse.

The next level of security is provided by wiping the free space using a program like pgp or drive-crypt. This writes random data to all unused parts of the drive and is a good plan if you are selling the drive. If you do this and then change your mind, then nobody can (economically) help you recover your data.

Note that some programs don’t write random data but instead they only write lots of 0’s (zeros) to fill up the drive.

There are several programs that you can use to perform a random wipe:

pgp: http://www.pgp.com/
Partition Magic: http://www.powerquest.com
Window Washer: http://www.webroot.com/washer.htm
ERASER: http://sourceforge.net/projects/eraser/
Steganos: http://www.steganos.com/
KillDisk: http://www.killdisk.com/features.htm
Darik’s Boot And Nuke: http://dban.sourceforge.net/

I don’t know how well each of the above programs work, so do your own research. Read the info about them at their web pages and see if it is a random wipe or a 0’s fill, because a 0’s fill is not quite as good. Search for and read any user reviews to help you decide.

If you are a Linux user then a random wipe can be done as follows:

dd if=/dev/random of=/dev/hda bs=1024k count=4096

The Linux “dd ..” method requires care. You need to calculate the “count=” value to match the size of the disk (or not include it… no “count=xxxx” will “probably” write the whole disk). The “hda” in the example means “the whole of the first disk on the first IDE interface”. That might be your system disk. There is no permission byte for “the whole disk”; it’s not part of a file system — it’s the whole disk. So use the correct “/dev/XXX” value, the idea is to unrecoverably erase a disk. For “complete” erasure, repeat the command a few times. Seven seems to be the US DoD number.

Keep in mind that any true random wipe program will take a lot of time to run:

don’t trust any program that says it can wipe a disk in under 10 minutes. Just stop for a moment and consider how long it should take to write 40Gb of data to the drive 7 times over!

A special note for the paranoid or those who have something to hide

Even after random data has been written to the drive it is still possible to recover data using special tools that security consultants, police and government agencies have access to.
If this is a problem for you and you really think that the government is out to get you, then you should simply destroy the drive and buy a new one. Exactly how you destroy it is up to you but I read that the US government has a system for destroying computer equipment by cross cut, crush, grind, burn and then spread on the roads as grit in winter.

For more info about data recovery and the art of data destruction, have a read here.

As for setting up a system that will destroy the drive at time of boot unless some special start-up procedure is followed, this might have worked in years gone by but in today’s world serious investigators won’t boot a system until the drive has been copied.

Use of any of the programs in this article will wipe ALL your DATA and it will no longer be recoverable by any ECONOMICALLY AVAILABLE means so be very very sure you want (or need) to do this before you start.