Need to Leave Windows XP?

Recently, I have had to change 5 computers at work from Windows XP to Windows 8.1. The reason for the change is that Microsoft will no longer support Windows XP starting April 8, 2014. Due to a tight non-profit budget, I updated most of the computers to Windows 8.1 and I bought a new computer to replace a system I could not update.

How does this relate to you the reader of this article? Why do I the need to change to Windows 8.1 and why did I need to buy a new computer? You might be asking yourself, “Does this lack of support mean any computer running XP will stop working?”

Fortunately, the answer to the last question is no. If your computer is running XP, it will not stop working at 12:00 am on April 8.  However (to answer the first to questions), there may be a need for you to stop using your computer until you replace XP or get a new computer. Why to do I say “may” instead of “you need”?

For those who do not have their computer connected to another computer or the internet, they can keep running your computer with little risk of having a security issue. In most cases, this applies to people who bought the computer for word processing and playing solitaire. My mother-in-law uses her computer strictly for “typing letters to her friends”, and there really is no need to update or buy a replacement computer at this time.

If you fall in the above category, I need stress that just because all you do is play solitaire or write letters means your computer is safe. You need to check your computer to make sure you do not have the computer connected to the internet or another computer. While you do not use the internet, your computer is still vulnerable if it can connect to the internet.

Therefore, after April 8, 2014 make sure your computer does not have a phone cord or a patch cord (look like a thick phone cord) attached to it. This cable means you are connected to the internet or have the potential to be connected to the internet. In addition, if your computer has Wi-Fi, make sure you turn off or disable it.

However, if check your email or go out on the internet to do your banking, visit Facebook, or read the local paper, you will need to replace the operating system or get a new computer. The reason being is the Microsoft will no longer patch security holes in XP and your computer becomes more and more vulnerable to attack each day.

Does this mean you need to rush out and get a new computer before April 8? Do you need to replace the operating system by April 8th? In my humble opinion, the answer is no. April 8th is the day the last patches will be coming out. Therefore, if you need to wait a couple of weeks after that date, you should be relatively safe if you have a good anti-virus program and stay away from unsafe emails and internet sites.

So should you buy a new computer or upgrade the OS from XP to Windows 8.1? In most cases, I suggest buying a new computer instead of updating your OS. While Windows 8.1 does run on a lot of computers that are currently XP, the process is not straight forward.

First, you need to have a DVD drive on your computer to use the Windows 8.1 install disk and some older computers do not have DVD drives. Second, you need to make sure your processor and video card are compatible with the new OS. Third, you need to check to see if you have enough memory and a large enough hard drive to run the new OS. Finally, you need to backup all your data because installing the new OS will erase your hard drive; if you miss something, it is gone and you will be unable to retrieve it. (I made that mistake on one of the computers I updated.)

Another reason I suggest getting a new computer is your computer is probably around 10-12 years old. Why spend $100 or more getting your old computer to work and risk it breaking down in the year or two.

If you go with a new computer, get a faster computer that meets all the hardware requirements for Windows 8.1. You then can more leisurely transfer data from the old computer to the new computer using a flash drive or an easy transfer cable. (Or you can pay a technician to move the data for you.) If you notice something missing, you can go back into the old computer and get the missing data.

Whatever option you choose, there is a short time before April 8.

KeePass – Free & Easy Password Protection

KeePass Logo
KeePass Logo

If you have an online account, most likely you have to have a password to access that account. The trick is how do you create a password that is easy to remember, but not easy for someone else to guess?

Some of us have used important dates in our lives, maiden names, names of our kids, phone numbers, street addresses, or things like password123, letmein, or 1234. Unfortunately, in this age, it is easy for criminals find all this information, and they know to try to words like ‘password’ or ‘letmein.’ Thanks to social media, and public access to many records, it doesn’t take long to search out maiden names, birthdates, anniversaries, etc.

So we are then forced to come up with complicated passwords such as r9G3jc9vVnw23da3. Unfortunately, this random password is a challenge to remember. So we write it down and hide it under our keyboards or in a nearby desk drawer.

Unfortunately, criminals know about our inability to remember passwords and our need to write them down and have them handy. So they will take the time to look under keyboards and in desk drawers to find them.

While this is an aside from the purpose of this article, I want to share a true story with you. I had a coworker who kept her password list on her desk. She told me that because she had about 16 potential passwords written on list, someone wanting to get on her computer would have a hard time guessing her password. I looked and her list and then entered on of the passwords on her list. It immediately opened her computer and I had complete access to her files.

So what is a person to do? My recommendation is get yourself a password vault like KeePass. While you can buy a password vault from a commercial company, KeePass is a popularly recommended password vault that is absolutely free.

What a password vault does is it securely stores your passwords in an encrypted format. These means, unless you are the NSA or have access to sophisticated computer hardware, the passwords cannot be unencrypted unless you have the password for the vault.

To use the KeePass vault, you first create a data file that can be stored on your computer, a flash drive, or even on a cloud drive such a Dropbox. Then you assign a key password for that file. Without this password, you will not be able to access the vault file. So if you forget it, all your passwords will be lost to you. There is no reset option for the vault password.

There is another risk with using a password vault. If your vault password falls into the wrong hands, the will have access to all the passwords you have stored in the vault. So make sure if you write down your password, you keep it in a safe place far from your computer. You will also have to make the password that is hard to guess.

Once you pick a good password, can enter the information about the web account and have the have the program generate a random password for you. Then cut and password into the password entry field of the account when you create the web account or into the password field after you go through the steps to change your password for that account.

If you have a hard time remember complicated passwords, try KeePass. For more information visit  http://keepass.info/help/base/index.html and http://keepass.info/screenshots.html

What is Layered Security

Drawing of Castle
Wikipedia Public Domain

Earlier, I mentioned “layered security,” and felt it would be good to expand what I mean when I use that term.  Layered security, to me, means that you do not depend on one method of protecting your computer, laptop, or phone.

Often I have heard people say, “I have an antivirus program, so I am protected.” Well, yes you have protection, but an antivirus program is not a 100% guarantee that your computer will not get a virus. Why? Because it is a cat and mouse game when it comes to virus protection. Antivirus companies work hard to make better ways to stopping viruses,  but the problem is that there are people working hard to make better, sneakier, and stronger viruses.

Am I saying don’t get an antivirus program? No! Just don’t act like bulletproof when you read emails, downloading, and surfing the web. One of the first layers of security I recommend is being smart and on the defensive when using your computer. (More on this in another post. Also see my post on WOT – Web of Trust.) Note: MAC users, despite what you might thinks, MACs get viruses too! See http://www.maximumpc.com/article/news/flashback_trojan_responsible_nearly_600000_mac_attacks_and_counting**

Another layer I always recommend is patching your software aka installing updates. While most of the newer OS (Operating System like Windows) have the auto update setting turned on, your other programs may not automatically update. So it is a good idea to check your software vendor’s website from time to time to see if there is an update for your program.

So now you have three layers of security, not just one protecting your computer. In the future I will share with you even more.

** Footnote: Don’t use more than one antivirus program. In other words, three antivirus programs are not better than one. Just like taking more than the prescribed medication can be bad for you, too many antivirus programs can be hazardous for your computer.

 

 

Recommended Article: How to Set Up A PC

Rather than rewrite or rehash a perfectly good article, I suggest the following article from Maximum PC. It show you how to clean up a brand new computer and then configure it they way you want it. It is a lot cheaper than paying someone else to do it.

Logo for Maximum PC

How to Set Up a PC

 Posted 07/08/2013 at 5:45pm | by Gordon Mah Ung and David Murphy

Suspicious URLS’s and Files?

One of my new tools in my layered security blanket is a site called virsustotal. What is great about virus_totalthis website is that you can take a link in an email, copy and paste it into the search field and then scan it without harming your computer. (Note: you have to click on the scan URL link below the scan button to switch from the default scan file mode.)

The other plus is you can download a file from a website, and have it scanned by not one many different antivirus vendors.

virus_total_2It should be noted that this website application does not “guarantee” that the program you download is not a virus, worm, trojan, or malware. In fact no antivirus program can provide 100% protection, but it does provide another layer of security.